![]() Updated 1/8/2021 |
DLP Validation & Testing Your public IP address is: 3.238.88.35; IP info : Session Info |
SSL is: on ; more info |
Data Loss Prevention (DLP) Get WebForm Data Self Test Built by Engineers for Engineers
GET is the least common method used to leak data over web page forms. Social media sites, blogs, forums, some web based email forms, as well as botnet/ back door, malware phone home, and data theft tools can use this method to "exfiltrate" or steal data.s GET is a method of upload from a web page form where the page variables (form data) are pulled from server. In this case when the "Submit" button is pushed the variables/ data are pulled from the server to be used to build the content of the following page. If the Data Security product worked a block page will be displayed. If the page displays showing your data then the data was successfully leaked to the world. * Network based Data Security tools usually do not detect this method because of the overhead associated with looking at every GET request. A GET request is made every time the browser calls a page or site. Typically the GET is used by the browser to retrieve content and POST is used to send data to the web server from the browser. This page demonstrates that the GET method can be used to steal data and get around network-based security devices. GET over HTTPS (SSL) usually can get through all security tools even if the tool can inspect HTTPS (SSL). Endpoint based Data Security tools are best suited for detecting data leaks that leverage the GET style of upload.
**Data posted through the "GET" form is not collected or stored |
Donate to help build free tools: donations help to pay the bills |
||||||
|
|
|
||||
|
||||||
![]() 2021 IGNITE Cyber |