Network-based threat hunting matrix

Command and control

Last updated Feb 12, 2019

A command and control (C&C) server is a computer controlled by an attacker or cybercriminal that is used to send commands to systems compromised by malware and to receive stolen data from a target network.

Well known techniques

  • HTTP
  • DNS

Matrix techniques

  • Peer-to-peer
  • IRC
  • ICMP
  • DNS
  • Webshell
  • Remote Admin Tools
  • Listening Service
  • HTTP

References

  • Command and Control [C&C] Server

Network-based threat hunting matrix

  • bdb6115@rit.edu
  • CptOfEvilMinions
  • CptOfEvilMinion

The deliverable from this project is a MITRE ATT&CK-like matrix for network-based threat hunting. In the current landscape of security, we need to monitor endpoints and network traffic. This matrix is a collection of techniques to hunt for on the network, with potential mitigations and detections.