Update README.md

Author: vysec

README.md

@@ -328,6 +328,29 @@ iptables -P FORWARD ACCEPT
 sysctl net.ipv4.ip_forward=1
 ```
 
+### SSH for HTTP
+
+We have previously covered using SSH for DNS tunnels. SSH works as a solid, and robust means to break through NAT and obtain a way for the implant to connect to a redirector annd into your server environment. First you must set up GatewayPorts forwarding or it won't work, using the following syntax on the redirector:
+
+```nano /etc/ssh/sshd_config``` add ```GatewayPorts yes```
+
+To forward the redirector's local port 80 to your internal teamsrver, use the following syntax on the internal server:
+
+```
+tmux new -S redir80
+ssh <redirector> -R *:80:localhost:80
+Ctrl+B, D
+```
+
+You can also forward more than one port, for example if you want 443 and 80 to be open all at once:
+
+```
+tmux new -S redir80443
+ssh <redirector> -R *:80:localhost:80 -R *:443:localhost:443
+Ctrl+B, D
+```
+
+
 ### Payloads and Web Redirection
 
 When serving payload and web resources, we want to minimize the ability for incident responders to review files and increase the chances of successfully executing the payload, whether to establish C2 or gather intelligence.