Windows Red Team Persistence Techniques | Red Team Series 5-12
This guide is part of the HackerSploit Red Team series of guides. Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence include any access, action, or configuration changes that let them maintain their foothold on systems, such as replacing or hijacking legitimate code or adding startup code.
Gaining an initial foothold is not enough; you need to set up and maintain persistent access to your targets.
0:21 What We’ll Be Covering
0:57 What is Persistence?
3:02 MITRE ATT&CK Techniques – Persistence
3:55 Empire Persistence Modules
5:12 Let’s Get Started
5:21 Recap of Some Starkiller Features
7:37 Renaming Agents
8:55 Unprivileged vs Privileged Agents
10:23 Creating an Additional Privileged Agent
17:15 Beginning our Persistence Techniques
18:23 Using the Registry-Key Persistence Module
26:08 Using the Scheduled Tasks Persistence Module
30:53 Using the WMI Persistence Module
33:43 Using Local User Accounts as a Means of Persistence
37:00 Using the PowerBreach Module to create a Backdoor
39:56 Checking if our Agents are Pinging Back
Read the doc for more information on Persistence Techniques.