TLS fingerprinting of C2 Servers
Last updated 4 years ago
Salesforce released a tool called JARM that allows you to fingerprint C2 servers:
python jarm.py salesforce.com