Egress-Assess – Tool to Test Egress Controls

0
0

Egress-Assess is a tool that may help in testing egress data detection capabilities. The idea behind this tool is to run it as part of RedTeam engagement to test if there is a security control that will prevent sending sensitive information to remote location. The tool is a server-client solution so you will need to install on one server the server application and make required configuration for the protocol you want to test and second part will be on the client side to remotely send the file over the configured protocol.

Egress-Assess - Tool to Test Egress Controls

Egress-Assess – Tool to Test Egress Controls

On the server side you can run DNS, FTP, HTTP, HTTPS, ICMP , SFTP ,SMTP and SMB protocols and there is several modules that will allow user to generate sensitive data including:

  • UK National Insurance Numbers
  • Credit card data
  • Names, addresses, and SSNs
  • Social security numbers

You can also create your own template with required information. Egress-Assess will not just test for sensitive information but it also include modules to emulate real threats for APT and malwares and supported Threat groups are:

  • etumbot – (etumbot backdoor)
  • zeus – (Zeus Malware)
  • darkhotel – (darkhotel backdoor)
  • putterpanda – (Putter Panda APT)

You can read more and download this tool over here: https://github.com/FortyNorthSecurity/

Share