Tag Archives: Sensitive Information

July 26, 2020   No comments

Egress-Assess – Tool to Test Egress Detection Capabilities

Egress-Assess is a tool used to test egress data detection capabilities. Typical use case for Egress-Assess is to copy this tool in two locations.

Read More
May 25, 2020   No comments

Talisman – Tool to Prevent Secrets from Getting Checked in

Talisman is a tool is to validate code changes that are to be pushed out of a local Git repository on a developer’s workstation.

Read More
April 29, 2020   No comments

Vault – Framework to Manage Secrets

Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords

Read More
March 13, 2020   No comments

Dnsteal – DNS Exfiltration Tool for sending files over DNS

Dnsteal is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. This can be useful during a Redteam

Read More
June 8, 2019   No comments

DumpsterDiver – Tool to Search Secrets in Various Files

DumpsterDiver is a tool used to analyze big volumes of various file types in search of hardcoded secrets like keys (e.g. AWS Access Key, Azure Share Key or SSH keys) or passwords.

Read More
February 6, 2019   No comments

truffleHog – Searches Git Repositories for Credentials

truffleHog is a tool that you search through git repositories for secrets, digging deep into commit history and branches.

Read More
November 29, 2018   No comments

Egression – Tool to Test Egress Controls

EGRESSION is a tool that provides an instant view of how easy it is to upload sensitive data from any given network.

Read More
« Older posts