This was so cooool. Dude, your delivery and story telling is on point. Also, making a quick example app to demonstrate the point was such a good touch.
The worse botnets are usually the P2P kind, or even Tor based ones (since they are hard to track without A LOT of resources and luck). Traditional C&C ones can rely on different techniques like random domain generation algorithms, meaning even if you take down one domain, at some point it will use a new one. You need something like this, since if you hardcode a domain or IP, a takedown will easily make all those existing bots unusable (unless they have some "trusted" source to update where to connect to instead). This stuff is always interesting to me, so happy to see it!
meanwhile me making a websocket based c&c botnet using domain generation algorithms based on a specific seed encrypted with asymmetrical encryption just because i was bored