Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Surreptitiously exfiltrate data from the browser over DNS

Database Driven DNS Server with a Web UI

Keylogging server and client that uses DNS tunneling/exfiltration to transmit keystrokes through firewalls.

ICMP and DNS tunneling via IPv4 and IPv6

Android VPN over DNS (no root required). Repo moved to gitlab

Sending messages by hacking the DNS protocol. See website for demo server usage instructions

Tunnel TCP or UDP traffic over TCP, (mutual) TLS or DNS (authoritative server or direct connection), implemented in Rust

Deep Learning for Domain Name System

Coyote is a standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engagements using DNS tunneling.

Here is an example which shows an idea how DNS tunneling can be implemented in Java.

Deep Learning Based DNS Tunneling Detection and Blocking System. Published with the same title. Publication code : aece 3/2021 - 5

proof of concept for a DNS tunneling client and server, for security education

Describes an architecture for DNS Tunneling detection at AWS cloud using ELK.

Detection of malware bot and botnet activities over DNS / Master's Thesis

DNS Tunnel

DNS Incident Response

A naive implementation of sharing a file over the DNS

Dynamic Time Warping for DNS Tunneling and Data Exfiltration