DataLeakTest


DLP Validation,Testing

+Cloud DLP

Test Rasomware & Email Fraud @ emailspooftest.com

Your public IP address is: 54.236.35.159; more info

Updated 10/12/2020

DLP Help

SSL is: on ;  more info

DLP Auditor

POST Test

GET Test

Upload Test

Email Test

FTP Testing

Session Info

Services

Data Loss Prevention (DLP) Get WebForm Data Self Test

Built by Engineers for Engineers

  This page is used to test data leakage out to the web using the Get method. Read below for more info.

 
---trusted partner test site---

----------------------
Fight ransomware and phishing
 with our email fraud testing platform!
emailSpooftest.com
 

1) Select SSL OFF or SSL ON (currently on)

2) Insert data into the box below and then click "GET TEST" to attempt leakage

2) A results page will display any data leaked


 *Function: data is loaded into DataLeakTest.com web server memory then displayed on the results page as part of the URL. The data is not retained when your session ends.

sample-data.csv     sample-data.pdf     sample-data.xls     Page

SSL is on ; it is much more challenging for Data Security tools to detect a leak over SSL.

Turn SSL OFF

Turn SSL ON

How to use this page (3 min)

  Data Security testing: use this site to test controls that trigger security functions

Enterprise DLP testing: visit this page from inside your enterprise to test for data leakage policy compliance.

Endpoint DLP testing: visit this page from any corporate computing device to test detection and prevention of Endpoint DLP solutions.

Cloud Data Theft testing: visit this page from your cloud database server to test the ability to leak test data -simulating mass data exfiltration or abnormal data behavior.

CASB: in full cloud proxy deployments this site can be used to test advanced CASB DLP capabilities.
 

 

GET is the least common method used to leak data over web page forms. Social media sites, blogs, forums, some web based email forms, as well as botnet/ back door, malware phone home, and data theft tools can use this method to "exfiltrate" or steal data.s

GET is a method of upload from a web page form where the page variables (form data) are pulled from server. In this case when the "Submit" button is pushed the variables/ data are pulled from the server to be used to build the content of the following page. If the Data Security product worked a block page will be displayed. If the page displays showing your data then the data was successfully leaked to the world.

* Network based Data Security tools usually do not detect this method because of the overhead associated with looking at every GET request. A GET request is made every time the browser calls a page or site. Typically the GET is used by the browser to retrieve content and POST is used to send data to the web server from the browser.

 This page demonstrates that the GET method can be used to steal data and get around network-based security devices. GET over HTTPS (SSL) usually can get through all security tools even if the tool can inspect HTTPS (SSL). Endpoint based Data Security tools are best suited for detecting data leaks that leverage the GET style of upload.

 

**Data posted through the "GET" form is not collected or stored

 

---ads here to fund our site, please turn ad blockers off---


Donate to help build free tools: donations help to pay the bills

---ads here to fund our site, please turn ad blockers off---


Instant DLP help

 

 

Have data security questions? Want expert advice? Just want to say hello or give suggestions?

Please use the form to instantly email our team.
Name:  
Email:  
Phone:  
Message:

---ads here to fund our site, please turn ad blockers off---


---ads here to fund our site, please turn ad blockers off---


 


2020 IGNITE Cyber