Data exfiltration is an important part of internal network pentests and red team engagements. See how SCP can get past network restrictions for the win.

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A walkthrough on using SCP (Secure Copy Protocol) for data exfiltration during internal penetration tests and red team engagements. The technique leverages SSH's ability to egress through corporate firewalls by setting up SSH key pairs, a reverse SSH tunnel through a cloud VPS, and an SSH config file with named host profiles. Once the tunnel is established, files and directories can be transferred with simple SCP commands, blending into normal administrative traffic on Linux environments.

SCP for Data Exfiltration on Pentests