Security Cipher

  1. Home
  2. Docs
  3. Security Resources
  4. Security Resources
  5. Out-of-Band Exfiltration Tools

Out-of-Band Exfiltration Tools

Here is a list of tools and services that you can use during your Bug Bounty for Out-of-Band Exploitation.

Tools / ServicesDescription
Burp Collaborator [ Pro Only]Burp Collaborator to induce your target application to interact with the external Collaborator server, and then identify that the interaction has occurred.@PortSwigger

An OOB interaction gathering server and client library@pdiscoveryio
https://webhook.siteYou instantly get a unique, random URL and e-mail address. Everything that’s sent to these addresses are shown instantly.@webhooksite
https://requestcatcher.comRequest Catcher will create a subdomain on which you can test an application. All requests sent to any path on the subdomain are forwarded to your browser in real helps track activity and actions on your network.@thinkst
http://dnsbin.zhack.caThe request.bin of DNS request
https://ngrok.comngrok is a secure unified ingress platform that combines your reverse proxy, firewall, API gateway and global load balancing into a production service.@ngrokHQ
http://serveo.netExpose local servers to the internet@trevordixon modern request bin to inspect any event@RequestBin
http://beeceptor.comCreate a mock server and start building…@beeceptor PostBin to collect all requests to a special URL which you can use to test your API Clients or your WebHooks. Inspect your bin visually on this website, or use our API to programmatically test your libraries, clients, projects, SaaS or websites.@toptal simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support@sudosammy

Leave a Reply