Become King Of Hell

RED TEAM Operator: Windows Persistence Course By SekTor7

Joined
Aug 12, 2022
Messages
120
Location
Denmark
Hellcoins
♆1,054
Username Style (Gradient Colours)
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
You must reply before you can see the hidden data contained here.
 
Last edited by a moderator:
Joined
Dec 18, 2022
Messages
1
Location
4354yyif
Hellcoins
♆18
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
thanks
 

LikeOsado

New member
Joined
Feb 12, 2023
Messages
5
Location
Brazil
Hellcoins
♆33
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
ty
 
Joined
Feb 19, 2023
Messages
5
Location
Africa
Hellcoins
♆21
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
PErsitenceeee
 
Joined
Mar 12, 2023
Messages
3
Location
France
Hellcoins
♆31
a
ncq1yhy92l65g2gwk4kchbh6zvvp

27 persistence methods in Windows. From basic to advanced, unique and known, used in malware like Stuxnet or Flame and by nation-state threat actors, including EquationGroup, Turla and APT29.

Contents​

Intro and Setup​

Introduction to Windows Persistence
Intro Addendum
Course VM Setup
RTO-PERS.ova
RTO-pers.zip

Low Privilege Persistence​

Start Folder and Registry Keys
Logon Scripts
Shortcut Mods
Screensavers
Powershell Profile
DLL Proxying - Introduction
DLL Proxying - Demo
Component Object Model - Introduction
COMs Registry
COM Hijacks and Proxies

Admin Level Persistence​

Elevated Scheduled Tasks
Multiaction Tasks
New & Modified Services
IFEO - Debugger / SilentProcessExit / Verifier
Application Shims
Windows Management Instrumentation - Introduction
WMI Event Subscription
AppCert DLLs
AppInit DLLs
Netsh Helper DLLs
Winlogon - SHELL / USERINIT
Time Providers
Port Monitors
Local Security Authority - Introduction
LSA-as-a-Persistence - SSPs & AuthPkgs
LSA-as-a-Persistence - Password Filters

Assignments​

Assignment #1
Assignment #2
Assignment #3
Assignment #4

Wrap up​

Summary and Next Steps

Watch Online Or Download:
[Hidden content]
also very usefull thanks
 
Top