Steffen Wendzel's Network Covert Channel Tools
This repository contains some of my covert channel projects and also refers to some other repositories where I host my additional covert channel projects.
If you need an introduction, check out my free open online class on network covert channels.
- pct: Protocol Channel Tool (
pct
a PoC implementation to show that so-called protocol channels are feasible). - phcct: Protocol Hopping Covert Channel Tool (
phcct
was the first (2007) implementation of a protocol hopping covert channel). - vstt: Very Strange Tunneling Tool (this was my first network CC tool. I wrote
vstt
as a 2nd semester student. It can tunnel through ICMP, TCP, ...). - pcaw: Protocol Channel-aware Active Warden (
pcaw
is a countermeasure to reduce the channel successful transfer bitrate/capacity of protocol channels (and protocol hopping covert channels), I wrote this in 2012 as contribution to my PhD thesis).
- NeFiAS: Network Forensic & Anomaly Detection System (tool for covert channel/network steganography detection).
- CCEAP: Covert Channel Educational Analysis Protocol (a tool for teaching network covert channel patterns).
- NELphase: Network Environment Learning Phase (a tool that implements a covert channel capable of performing an network environment learning (NEL) phase and that can be used to test active and passive wardens).
- DYST: The first history covert channel implementation
- WiFi Reconnection-based Covert Channel: My PhD student Sebastian Zillien developed this PoC code to demonstrate a WiFi reconnection-based covert channel that exploits pattern PT15 (Artificial Reconnections) by forcing WiFi clients to reconnect. The channel can provide anonymity for covert sender and covert receiver.
- CoAP Reset-/Reconnection-based Covert Channels: Another tool by my PhD students.
- Luca's list of stego tools on Github: https://github.com/lucacav/steg-tools