Module 12 · Data Exfiltration Techniques

Manish Garg
Manish Garg Associate of (ISC)² · RingSafe
Apr 27, 2026
1 min read
Read as

Last updated: April 29, 2026

100% Free

No signup. No paywall. No catch. One of our 10 most-requested practitioner modules — published in full so anyone can learn for free. We earn through consulting, not by gating knowledge.

See all 10 free modules →

Data exfiltration is the goal of most non-ransomware attacks. Network defenders should know patterns.

Data exfiltration is the goal of most non-ransomware attacks. Network defenders should know patterns.

Common channels

  • HTTPS to attacker domain — most common; blends with legit traffic
  • HTTPS to cloud storage — Dropbox, Google Drive, AWS S3 (attacker bucket); user-agents look legitimate
  • DNS tunneling — covered Module 9 Networking
  • ICMP tunneling — niche but possible; ping payloads carry data
  • Email — webmail exfil through legitimate corporate email
  • Slack / Teams webhooks — outbound to legitimate SaaS but attacker-controlled workspace
Want this for your team?

Custom team training + practitioner advisory

Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.

Book team training call Replies in 4 working hrs · India-only · Senior consultants
← Previous · Module 11
Module 11 · Red Team in Cloud
← Back to Academy Hub
Continue Learning

Other modules in this track

View all modules
Academy
Module 1 · Beginner

Red team vs pentest, engagement types, objectives, rules of engagement, and what a good red team…

Apr 22, 2026 · 4 min read
Academy
Module 2 · Intermediate

Phishing infrastructure, HTML smuggling, password spray, OAuth consent, and exposed-service exploitation.

Apr 22, 2026 · 5 min read
Academy
Module 3 · Advanced

Cobalt Strike, Sliver, Havoc, Mythic compared. Beacon anatomy, transports, malleable profiles, redirector architecture.

Apr 22, 2026 · 4 min read