search

alphasoc / flightsim

A utility to safely generate malicious network traffic patterns and evaluate controls.
https://alphasoc.com
Other
1.25k stars 132 forks source link

New module: encrypted-dns #19

Open chrisforce1 opened 4 years ago

chrisforce1 commented 4 years ago

DNS tunneling over DNS-over-HTTPS (DoH) to *.sandbox.alphasoc.xyz via a random public server picked from the list below.

https://dns.google/dns-query
https://cloudflare-dns.com/dns-query
https://dns.quad9.net/dns-query
https://doh.opendns.com/dns-query
https://doh.powerdns.org -- shutdown planned for 15.09.2021 according to https://powerdns.org/doh/privacy.html
chrisforce1 commented 3 years ago

From our chat we could invoke this module in these kind of ways, and extend beyond DoH to DoT and DNSCrypt, e.g.

flightsim run encrypted-dns:doh
flightsim run encrypted-dns:dnscrypt

Invoking without a protocol argument would just run some random DoH / DoT / DNSCrypt tests (dealer's choice).

Here are the notes for the other transport mechanisms: