Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol (Windows)


Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel. 

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Vulnerability ManagementAdvanced Network ScanWindows machinesAuthenticated ScanOS CommandComputer ConnectivityPlugin ID: 64582


Netstat Connection Information

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Exfiltration

Platform: Windows

Tenable Release Date: 2022 Q3 (GA)