PyExfil

PyExfil was born as a PoC and kind of a playground and grew to be something a bit more. In my eyes it’s still a messy PoC that needs a lot more work and testing to become stable. The purpose of PyExfil is to set as many exfiltration, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques.

It can be used as pentesting tool and Red Teaming tool.

Although most techniques and methods can be easily ported and compiled to various operating systems, some stable some experimental, the transmission mechanism are stable on all techniques. Clone it, deploy on a node (or nodes in your organisation) and see which systems can catch which techniques.