C2 via Legitimate Services
Last modification on
LOLC2 is a collection of legitimate services and how to use for command-and-control. The detection sections for Microsoft services are especially interesting (funny) to look at:
# Microsoft Sharepoint
## C2 Projects:
https://github.com/looCiprian/GC2-sheet
https://github.com/RedSiege/GraphStrike
## Detection:
url: https://graph.microsoft.com/v1.0/sites/*/lists/*/items/
url: https://graph.microsoft.com/v1.0/sites/*/lists/*