Chapters:

0:00 Introduction
0:21 What We’ll Be Covering
0:57 What is Persistence?
3:02 Mitre Attack Techniques - Persistence
3:55 Empire Persistence Modules
5:12 Let’s Get Started
5:21 Recap of Some Starkiller Features
7:37 Renaming Agents
8:55 Unprivileged vs Privileged Agents
10:23 Creating an Additional Privileged Agent
17:15 Beginning our Persistence Techniques
18:23 Using the Registry-Key Persistence Module
26:08 Using the Scheduled Tasks Persistence Module
30:53 Using the WMI Persistence Module
33:43 Using Local User Accounts as a Means of Persistence
37:00 Using the PowerBreach Module to create a Backdoor
39:56 Checking if our Agents are Pinging Back
42:37 Conclusion

Windows Red Team Persistence Techniques | Red Team Series 5-13
34 likes
2,377 views
Apr 4, 2022
This guide is part of the @HackerSploit Red Team series of guides.

Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence include any access, action, or configuration changes that let them maintain their foothold on systems, such as replacing or hijacking legitimate code or adding startup code. Gaining an initial foothold is not enough; you need to set up and maintain persistent access to your targets.

New to Cloud Computing? Get started here with a $100 credit → https://www.linode.com/linodetube

Read the doc for more information on Persistence Techniques → https://www.linode.com/docs/guides/wi...

Learn more about Hackersploit → https://www.linode.com/docs/guides/ha...

Subscribe to get notified of new episodes as they come out → https://www.youtube.com/linode?sub_co...

#Linode #Security #RedTeam #Hackersploit

Akamai Developer