The file upload method is the primary cause of large data leaks. Web
storage, web applications, web email, as well as botnet/ back door, malware
phone home, and data theft tools often use this method to "exfiltrate" or steal
Data Security testing: use this site to test controls that trigger
Enterprise DLP testing: visit this
page from inside your enterprise to test for data leakage policy
Endpoint DLP testing: visit this page from
any corporate computing device to test detection and prevention
of Endpoint DLP solutions.
Cloud Data Theft testing:
visit this page from your cloud database server to test the
ability to leak test data -simulating mass data exfiltration or
abnormal data behavior.
CASB: in full cloud proxy
deployments this site can be used to test advanced CASB DLP
Data leakage by file upload over HTTP and HTTPS should be detected by all Data Security tools for both Endpoint and Networks.
Results will be shown immediately. Data is stored on a web
server then deleted automatically.
DLP OCR (scanning a picture of data) Testing Data:
The File Upload Method should be detected by all Data Security tools over
HTTP and HTTPS (SSL) for both Endpoint and Network based solutions.
File Upload is a method of upload from a web page form where the file(s) are
pushed up to the server from the client machine. In this case when the "Upload
File" button is pushed the file is sent to the server to be stored. If the Data
Security product worked a block page will be displayed. If the page displays a
successful upload message then the data was successfully leaked to the world
All file submissions to this site are deleted automatically. Do not
upload private data. This is a test site for data theft please use only test
site is not liable for the storage or security of any data that you upload.
Frequently Asked Questions
What just happened?
If you see a successful upload message above then your
data was able to be leaked out of your organization. The data successfully left
Where did my data go?
Your data was sent to
dataleaktest.com using the File Upload method and the results shown on the
How do I protect my Data assets from leakage?
A network based data
security tool or an Endpoint based data security tool should be able to stop
leaks that use the File Upload method.
What internet technologies commonly use the file
upload method to get data?
Email uploads of some web based email
Social media commenting (usually SSL)
Email body of web based email (usually SSL)
Blogs, forums and message board
Flash based applications
---ads here to fund our site, please turn ad blockers off---