Proxy
Adversaries may use a connection proxy to direct network traffic between systems or act as an intermediary for network communications to a command and control server to avoid direct connections to their infrastructure. Many tools exist that enable traffic redirection through proxies or port redirection, including [HTRAN](https://attack.mitre.org/software/S0040), ZXProxy, and ZXPortMap. (Citation: Trend Micro APT Attack Tools) Adversaries use these types of proxies to manage command and control c...
BY SOURCE
PROCEDURES (23)
Auto-extracted: 6 detections for process creation monitoring
Auto-extracted: 4 detections for general monitoring
Auto-extracted: 3 detections for command and control
Auto-extracted: 3 detections for exfiltrat
Auto-extracted: 3 detections for persist
Auto-extracted: 3 detections for c2
Auto-extracted: 2 detections for cloud
Auto-extracted: 2 detections for bypass
Auto-extracted: 2 detections for tunnel
Auto-extracted: 2 detections for service
Auto-extracted: 2 detections for remote
Auto-extracted: 1 detections for tunnel
Auto-extracted: 1 detections for suspicious
Auto-extracted: 1 detections for bypass
Auto-extracted: 1 detections for registry monitoring
Auto-extracted: 1 detections for persist
Auto-extracted: 1 detections for http
Auto-extracted: 1 detections for bypass
Auto-extracted: 1 detections for exfiltrat
Auto-extracted: 1 detections for http
Auto-extracted: 1 detections for c2
Auto-extracted: 1 detections for suspicious
Auto-extracted: 1 detections for network connection monitoring