frp

Fast Reverse Proxy (FRP) is an open-source tool designed to expose local servers behind a firewall or Network Address Translation (NAT) to the internet. While primarily intended for legitimate purposes, threat actors have misused FRP to facilitate unauthorized access and proxy command-and-control (C2) communications. By deploying FRP clients on compromised systems, attackers can tunnel various protocols, including TCP, UDP, and HTTP(S), effectively bypassing network security measures. This misuse has been observed in campaigns by state-sponsored groups, such as those affiliated with the People's Republic of China, to maintain persistent access and obfuscate their activities.