Data Leak Test

Independent Data Theft Prevention [DTP], Data Loss Prevention [DLP]

Your public IP address is: 54.225.16.10 more info

SSL is off more info

Data Leak Testing

Industry Information

Sample Data

Session Info

Contact

About DLT

 

Are you leaking data through web "GET"?

 

"GET" should be detected by all Data Security Endpoint based solutions. NOT usually detected by Network based Data Security tools more info

Insert data to be uploaded with "GET" in the box below and then click "GET" to test. A results page will display if the data was able to be leaked.

 

                                                                         

 

SSL is off ; it is much more challenging for Data Security tools to detect a leak over SSL.

Turn SSL OFF

Turn SSL ON

GET is the least common method used to leak data over web page forms. Social media sites, blogs, forums, some web based email forms, as well as botnet/ back door, malware phone home, and data theft tools can use this method to "exfiltrate" or steal data.

The GET method should be detected by all Data Security endpoint based solutions. NOT usually detected by network based Data Security tools.

GET is a method of upload from a web page form where the page variables (form data) are pulled from server. In this case when the "Submit" button is pushed the variables/ data are pulled from the server to be used to build the content of the following page. If the Data Security product worked a block page will be displayed. If the page displays showing your data then the data was successfully leaked to the world.

* Network based Data Security tools usually do not detect this method because of the overhead associated with looking at every GET request. A GET request is made every time the browser calls a page or site. Typically the GET is used by the browser to retrieve content and POST is used to send data to the web server from the browser.

 This page demonstrates that the GET method can be used to steal data and get around network-based security devices. GET over HTTPS (SSL) usually can get through all security tools even if the tool can inspect HTTPS (SSL). Endpoint based Data Security tools are best suited for detecting data leaks that leverage the GET style of upload.

 

**Data posted through the "GET" form is not collected or stored

 

 

Need help understanding how to protect your data? Please contact us and we will guide you.

Contact

 

 

Have data security questions? Want expert advice? Just want to say hello or give suggestions? Please use the form below to get in touch with us immediately.

 

Name:  
Email:  
Phone:  
Message: