https://securityonline.info/new-powershell-threat-infiltrating-networks-with-advanced-techniques/
- look into chisel and netskope proxy. This is a way that threat actors are hiding c2 traffic
https://securityonline.info/new-powershell-threat-infiltrating-networks-with-advanced-techniques/