https://github.com/danielmiessler/egression

Test a network's egress controls with various levels of success and failure.

## Description

EGRESSION is a tool that provides an instant view of how easy it is to upload sensitive data from any given network.

It starts with a sensitive file with these contents, which is stored locally in plaintext. This file is used to test the egress / DLP controls on the network by attempting to connect outbound and upload this file using various techniques.

- //US Social
- 567-24-4901
- //Credit card numbers
- 4111111111111111
- 5105105105105100
- 4222222222222
- //Dates of birth
- 12.12.94
- 12/12/1994
- 12/12/94
- 12 July 1994
- //Canadian SIN
- 202 275 186
- //UK National Insurance Number (NINO)
- ST 68 86 80 B

## Testing procedure

It has four (4) levels of testing.

1. INFORMATIONAL: Tells you if it can connect to ports on the internet.
2. LEVEL 0: Tells you if it can FTP a file to the internet in cleartext.
3. LEVEL 1: Tells you if it can SCP files to the internet over various ports.
4. LEVEL 2: Tells you if it can send the same sensitive file to the internet via DNS queries.

It does each of these in succession and then reports on which levels it failed to block.

## Installation

The tool is made to be as self-contained as possible and easy to run. You can install the dependencies like so:

1. Ensure you have curl installed.
2. Ensure you have nc installed.
3. git clone https://github.com/danielmiessler/egression.git
4. cd egression
5. ./egression

## Presentations

- Blackhat Arsenal 2017

## Next Steps

Plans for the project include:

- Adding additional levels, with additional egress methods, e.g.: sending data over NTP, ICMP, etc.
- Additional fault checking for various scenarios

## Credits and Thanks

- Hat tip to William Coppola for previous and complementary work he's done in this space with his [Filibuster](https://github.com/subinacls/Filibuster) tool, which he also presented at BlackHat Arsenal back in 2015.
- Thanks to Sasa Zdjelar and Jason Haddix for giving feedback on the tool.