This course on Windows Red Team Persistence Techniques aims to teach learners how adversaries maintain access to systems by utilizing various persistence techniques. By the end of the course, students will be able to understand and implement techniques such as Registry-Key Persistence, Scheduled Tasks Persistence, WMI Persistence, and using Local User Accounts for persistence. The course employs a hands-on approach, guiding students through practical demonstrations and modules to enhance their skills in maintaining persistent access. This course is designed for individuals interested in cybersecurity, red teaming, penetration testing, and ethical hacking.
Windows Red Team Persistence Techniques - Red Team Series
Overview
Syllabus
Introduction
What We’ll Be Covering
What is Persistence?
Mitre Attack Techniques - Persistence
Empire Persistence Modules
Let’s Get Started
Recap of Some Starkiller Features
Renaming Agents
Unprivileged vs Privileged Agents
Creating a an Additional Privileged Agent
Beginning our Persistence Techniques
Using the Registry-Key Persistence Module
Using the Scheduled Tasks Persistence Module
Using the WMI Persistence Module
Using Local User Accounts as a Means of Persistence
Using the PowerBreach Module to create a Backdoor
Checking if our Agents are Pinging Back
Conclusion
Taught by
Linode
