Data Leak Test
DLP Validation and Testing

 

Your public IP address is: 3.227.211.246; more info

Data Loss Prevention (DLP) updated Jan 7, 2020

 

SSL is: off ; more info

Mega Test

POST Test

GET Test

Upload Test

Email Test

Industry Info

Session Info

About DLT

Data Loss Prevention (DLP) Get WebForm Data Self Test

Built by Engineers for Engineers

 
"GET" should be detected by all endpoint based Data Security solutions. Not usually detected by network based Data Security tools more info

Get is very sneaky method that uses the URL format to have the server "GET" data from the browser. Because the data is stored in the URL, the character limit will depend on your browser configuration.

 

1) Select SSL OFF or SSL ON (currently off)

2) Insert data into the box below and then click "GET TEST" to attempt leakage

2) A results page will display any data leaked


 *Function: data is loaded into DataLeakTest.com web server memory then displayed on the results page as part of the URL. The data is not retained when your session ends.

sample-data.csv     sample-data.pdf     sample-data.xls     Page

SSL is off ; it is much more challenging for Data Security tools to detect a leak over SSL.

Turn SSL OFF

Turn SSL ON

Donate to help build free tools: donations help to pay the bills

GET is the least common method used to leak data over web page forms. Social media sites, blogs, forums, some web based email forms, as well as botnet/ back door, malware phone home, and data theft tools can use this method to "exfiltrate" or steal data.s

GET is a method of upload from a web page form where the page variables (form data) are pulled from server. In this case when the "Submit" button is pushed the variables/ data are pulled from the server to be used to build the content of the following page. If the Data Security product worked a block page will be displayed. If the page displays showing your data then the data was successfully leaked to the world.

* Network based Data Security tools usually do not detect this method because of the overhead associated with looking at every GET request. A GET request is made every time the browser calls a page or site. Typically the GET is used by the browser to retrieve content and POST is used to send data to the web server from the browser.

 This page demonstrates that the GET method can be used to steal data and get around network-based security devices. GET over HTTPS (SSL) usually can get through all security tools even if the tool can inspect HTTPS (SSL). Endpoint based Data Security tools are best suited for detecting data leaks that leverage the GET style of upload.

 

**Data posted through the "GET" form is not collected or stored

 

 

Need help understanding how to protect your data? Please contact us and we will guide you.

Contact

 

 

Have data security questions? Want expert advice? Just want to say hello or give suggestions?

Please use the form to instantly message our team.
Name:  
Email:  
Phone:  
Message:



IGNITE Cyber Security