0xploit.com

Malware RED TEAM Operator: Windows Persistence Course By SekTor7

HackingAssets

HackingAssets

Member
Lucifer
Joined
Aug 12, 2022
Messages
163
Hellcoins
♆1,601
Username Style (Gradient Colours)
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
 
Last edited by a moderator:
R

reed.hamze67

New member
Joined
Dec 18, 2022
Messages
1
Hellcoins
♆18
HackingAssets said:
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
Click to expand...
thanks
 
LikeOsado

LikeOsado

New member
Joined
Feb 12, 2023
Messages
4
Hellcoins
♆33
HackingAssets said:
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
Click to expand...
ty
 
J

jqxw_jvnwg48

New member
Joined
Feb 19, 2023
Messages
4
Hellcoins
♆21
HackingAssets said:
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
Click to expand...
PErsitenceeee
 
G

godcomplex

New member
Joined
Mar 12, 2023
Messages
3
Hellcoins
♆31
a
HackingAssets said:
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
Click to expand...
also very usefull thanks
 
You must log in or register to reply here.
Top