2023-09-08, 16:45–17:15 (Europe/Berlin), Pupin
A talk about data exfiltration techniques and egress0r.io - a network security testing suite
This talk will demonstrate many techniques for moving your data from "point A" to "point B" without detection. This is called exfiltration, also known as TA0010 [https://attack.mitre.org/tactics/TA0010/] within the "MITRE ATT&CK" framework, which consists of techniques adversaries use to steal data from your network. cyllective has created "egress0r," a tool that simulates numerous exfiltration techniques. The latest version is shipped as a standalone go binary that can help blue teams identify unknown ways data may be exfiltrated and test the efficiency of their monitoring systems for detecting egress traffic.
During the presentation, you will also learn about security practices that can help you detect and prevent data exfiltration on your network and managed devices.
https://cyllective.com/team -> ctrl+f -> "sophus"