NECCDC Red Team: Quick HTTP Command and Control (C2) Trojans
In my previous blog post, I described the Northeast Cyber Collegiate Defense Competition (NECCDC) and started to explain some of the techniques the red team used. For this post, I’m going to cover two more C2 Trojans that I wrote using HTTP (GET and POST). Similar to the C2 DNS Trojan, the HTTP Trojans are unidirectional and do not require installing software on the victim. By using multiple techniques at varying frequency we increased the likelihood we would be able to maintain persistence throughout the competition.