Exfiltrate Files Using the DNS

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
  • iodine

    Official git repo for iodine dns tunnel

    Worth mentioning the Iodine project which allows for arbitrary IPv4 to be tunnelled over DNS, which can be useful on a few different restrictive networks.

    https://code.kryo.se/iodine/

    (I also like the naming pun; DNS running on port 53 with Iodine having the atomic number 53.)

  • choir

    Go library for privacy-preserving error reporting using DNS

    For a variation of this technique see this handy golang differential-privacy metrics collection library that uses DNS: https://github.com/Jigsaw-Code/choir

    Currently used by the Jigsaw group at Google to collect metrics from behind censoring ISPs.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • browsertunnel

    Surreptitiously exfiltrate data from the browser over DNS

    This is also possible to do over the browser (just one-way communication, unfortunately) using dns-prefetch tags:

    https://github.com/veggiedefender/browsertunnel

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts