GRID

GRID acts as tens of thousands of network hosts that can proxy callbacks and serve malicious files.[^1] It is a multi-tier distributed C2 (command and control) system.[^1] It creates thousands of virtualized network interfaces.[^1] These can be used to reverse proxy any port back to a single IP address.[^1] It has a CDN service that acts as a layer 7 router, sending traffic to pre-defined places.[^1] This can also be used to reference files in a distributed fashion: a file object is referenced across multiple network interfaces using a custom shortcode URL.[^1] This allows binaries and payloads to be staged at unique, one-use IP addresses.[^1] It needs a unique SSL certificate to match each virtual hostname.[^1] GRID also requires a custom DNS server.[^1]
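
Because payloads are staged at one-use IP addresses, a per-IP blocklist never sees the same address twice. The following added example (not from the cited source or from GRID itself) takes the defender's view and flags internal hosts whose connections mostly go to destinations seen exactly once in a flow log. The record format, the sample flows, and both thresholds are assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample flow records (internal source, destination IP); not real traffic.
SAMPLE_FLOWS = (
    [("10.0.0.5", "203.0.113.7")] * 4      # repeat visits to one server
    + [("10.0.0.5", "198.51.100.20")]      # a single one-off destination
    + [("10.0.0.7", "203.0.113.7")] * 3
    + [("10.0.0.9", "203.0.113.7")]
    + [("10.0.0.9", f"192.0.2.{n}") for n in (11, 12, 13, 14)]  # four one-use IPs
)


def single_use_destinations(flows):
    """Return destination IPs that appear exactly once in the whole log."""
    hits = Counter(dst for _, dst in flows)
    return {dst for dst, count in hits.items() if count == 1}


def flag_hosts(flows, min_single_use=3, min_ratio=0.5):
    """Flag sources whose traffic is dominated by one-time destinations.

    min_single_use and min_ratio are assumed starting values; tune them
    against a baseline of normal traffic before alerting on them.
    """
    once = single_use_destinations(flows)
    total = Counter(src for src, _ in flows)
    single = defaultdict(set)
    for src, dst in flows:
        if dst in once:
            single[src].add(dst)

    flagged = {}
    for src, dsts in single.items():
        ratio = len(dsts) / total[src]
        if len(dsts) >= min_single_use and ratio >= min_ratio:
            flagged[src] = (len(dsts), round(ratio, 2))
    return flagged


if __name__ == "__main__":
    for host, (count, ratio) in flag_hosts(SAMPLE_FLOWS).items():
        print(f"{host}: {count} single-use destinations ({ratio:.0%} of its flows)")
```
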

Backlinks

[[Blue Teaming]]
DNS
IP Addresses
[[ORB Networks]]
[[Red Teaming]]
[[SSL]]

Sources

[1] A. Levinson, “Know Your Opponent: My CCDC Toolbox.” [Online]. Available: https://alexlevinson.wordpress.com/2017/05/09/know-your-opponent-my-ccdc-toolbox/