Reference for data exfiltration methods via trusted tools (LOLBins, RMM tools, backup software, cloud storage services, tunneling, browser extensions and more).
Hundreds of tools across 9 categories, each with:
- endpoint and network detection patterns
- simulation commands
- DFIR artifacts
- IOC artifacts (ports, pipes, service names, mutexes, User-Agents...)
- code signer info
- references to threat reports and GitHub projects
👩💻 Please contribute 👩💻