Hi, I have a question
Sometimes when a computer is infected by malware, they will send their PC's information to C2 server via POST method
I wonder what they send to C2. But when I catch up PCAP by SA, most of them were sent by POST method.
Is there any means to check what they send using SA?