Red Team Tutorial: Design and setup of C2 traffic redirectors

Dmitrijs Trizna
8 min readJan 2, 2021

Abstract

Control of compromised machines within the target network happens through specifically designed Command & Control (C&C, C2) infrastructure. This article describes the rationale behind C2 design decisions and provides a step-by-step setup of the C2 redirector.

The report may be valuable for defensive analysts as insight in operations of adversary groups, as well as provide the necessary information for those willing to simulate adversary C2 channels. We will cover how one can build a…

Dmitrijs Trizna

Sr. Security Software Engineer @ Microsoft. This blog is an independent research at the intersection of Machine Learning and Threat Hunting.