I added DoH (DNS over HTTP) capability to DNSExfiltrator. Google experimental DoH servers are hardcoded for now, but it can be easily changed. Watch all you data leak channels ! :-) github.com/Arno0x/DNSExfiltr…

1:18 PM · Feb 1, 2018

1
47
63
What do you mean ? Doesn't work for you ? Very possible since it's only been tested in one environment. Feedback welcome !
0
0
0
My network is real :-) and so does the Google DoH servers and the domain name I've used for testing this :-)
0
0
0
oh, gotcha ! Yes indeed. Each environment is different, but I'd love to hear that an IDS/IPS, or any DLP solution, is capable of detecting/blocking this channel of data leak.
0
0
0
It should be OK now.
0
0
0
Replying to @Arno0x0x
dnskv.com provides a DNS data key value cloud storage for free. Currently just as experimental let's see what happens hobby project. No need for everyone to do the 'complex' setup for the server side. Small client modifications would be enough.
1
0
2
Awesome. This is the kind of trigger I needed. Let's see what we can do :-)
0
0
1