Command and Control with WebSockets WSC2
Summary
This article discusses the use of WebSockets for Command and Control (C2) in penetration testing, specifically detailing a technique called WSC2. The author shares their experience discovering and utilizing this method during a web application security assessment.
IFF Assessment
FOE
This article describes a technique that attackers can use to establish command and control channels, which works to the detriment of defenders.
Defender Context
Understanding how attackers leverage common web technologies like WebSockets for C2 is crucial for defenders. This knowledge can inform the development of detection rules and network monitoring strategies to identify such malicious traffic.