Open tg opened 4 years ago
This one is a little complex as we'd need to set up servers and negotiate TLS in a particular way to generate JA3 (client) and JA3S (server) fingerprints that are known bad. I'll need to double-check on the certificate side of things, but we won't have the private keys, so that might not work.
We should roll this into the c2 module with synthetic bad JA3 client fingerprints to a server we control that talks TLS (e.g. tls.sandbox.alphasoc.xyz) and we could even reply with a known bad JA3S server fingerprint, but that's not absolutely necessary (i.e. if it's a pain to implement).
Worth adding a simulator for malicious TLS traffic, i.e. having known bad JA3 or certificate hashes.
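As an added illustration of what the JA3 client fingerprint discussed in this issue is derived from (example code, not part of flightsim or this thread): the function below parses a raw TLS ClientHello record, builds the JA3 string (version, ciphers, extensions, curves, point formats) and its MD5, and applies the GREASE filtering that keeps the value stable across handshakes. The sample ClientHello is hand-constructed, not captured traffic.

```python
"""JA3 client fingerprint from a raw TLS ClientHello record (added example; constructed input)."""
import hashlib
import struct

def _is_grease(v):
    # GREASE values (0x0a0a, 0x1a1a, ..., 0xfafa) are excluded from JA3 so they cannot randomise it.
    return (v & 0x0F0F) == 0x0A0A and (v >> 8) == (v & 0xFF)

def _join(vals):
    return "-".join(str(v) for v in vals if not _is_grease(v))

def _u16s(buf):
    return [struct.unpack_from("!H", buf, i)[0] for i in range(0, len(buf) - 1, 2)]

def ja3(record):
    """Return (ja3_string, ja3_md5) for one TLS record carrying a ClientHello."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    b = record[9:]  # skip the 5-byte record header and the 4-byte handshake header
    try:
        version = struct.unpack_from("!H", b)[0]
        pos = 2 + 32 + 1 + b[34]  # legacy_version, random, session ID
        n, pos = struct.unpack_from("!H", b, pos)[0], pos + 2
        ciphers, pos = _u16s(b[pos:pos + n]), pos + n
        pos += 1 + b[pos]  # compression methods
        n, pos = struct.unpack_from("!H", b, pos)[0], pos + 2
        blob = b[pos:pos + n]  # extensions block
    except (struct.error, IndexError):
        raise ValueError("truncated ClientHello") from None
    exts, curves, points, i = [], [], [], 0
    while i + 4 <= len(blob):
        etype, elen = struct.unpack_from("!HH", blob, i)
        data, i = blob[i + 4:i + 4 + elen], i + 4 + elen
        exts.append(etype)
        if etype == 0x000A and len(data) >= 2:  # supported_groups: 2-byte length, then curve IDs
            curves = _u16s(data[2:])
        elif etype == 0x000B and len(data) >= 1:  # ec_point_formats: 1-byte length, then formats
            points = list(data[1:])
    s = f"{version},{_join(ciphers)},{_join(exts)},{_join(curves)},{_join(points)}"
    return s, hashlib.md5(s.encode()).hexdigest()

# Hand-built TLS 1.2 ClientHello (constructed, not captured); it includes a GREASE cipher
# (0x1a1a) and a GREASE extension (0x0a0a) to show that both drop out of the fingerprint.
SAMPLE_HELLO = bytes.fromhex(
    "1603010061" "0100005d" "0303" + "00" * 32 + "00"
    "00081a1ac02fc030009c" "0100" "002c" "0000000c000a0000076578616d706c65"
    "000a00060004001d0017" "000b00020100" "0a0a0000" "000d000400020403"
)
```

A detection that keys on the MD5 alone will miss the same client if a cipher or extension changes, so keeping the full JA3 string alongside the hash makes near-matches visible.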