Reverse RDP tunnel

Reverse RDP tunneling is when an attacker initiates a connection outbound to a server. The attacker can use this server to perform actions on this host.

Malware/Threat actors

Name	Type	Years	Source
HURRICANE PANDA	threat actor	2014	GlobalThreatIntelReport.pdf ICIT-Brief-China-Espionage-Dynasty.pdf Threat%20Group%20Cards.pdf GlobalThreatIntelReport.pdf

Preventions

<Mitigation techniques>

Detections

<Detection techniques>

Toolkit

<Toolkit instructions, if applicable>

Similar techniques

VPN tunneling
Trusted third party
Certificate impersonation
Domain spoofing
ARP spoofing

References

[<Source name>](<Source link>)