Persistence: Difference between revisions
Jump to navigation
Jump to search
(Persistence techniques) |
mNo edit summary |
||
Line 9: | Line 9: | ||
* PAM: [https://book.hacktricks.xyz/linux-hardening/linux-post-exploitation Pluggable Authentication Module] | * PAM: [https://book.hacktricks.xyz/linux-hardening/linux-post-exploitation Pluggable Authentication Module] | ||
* DNS: https://github.com/iagox86/dnscat2 | * DNS: https://github.com/iagox86/dnscat2 | ||
* Windows Persistence Techniques: https://www.ired.team/offensive-security/persistence | * Blog: Windows Persistence Techniques: https://www.ired.team/offensive-security/persistence | ||
==== C2 Frameworks ==== | ==== C2 Frameworks ==== |
Revision as of 16:02, 4 August 2023
See below tools, resources and frameworks to achieve persistence, make sure to customize and obfuscate your implants to avoid AV detection.
- Gsocket: https://github.com/hackerschoice/gsocket
- PHP: https://github.com/epinna/weevely3
- Reverse Shell Generator: https://www.revshells.com
- Meterpreter: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md#meterpreter-shell
- Blog: https://dhilipsanjay.gitbook.io/ctfs/tryhackme/tryhackme/linuxbackdoors
- Database: https://www.adminer.org
- PAM: Pluggable Authentication Module
- DNS: https://github.com/iagox86/dnscat2
- Blog: Windows Persistence Techniques: https://www.ired.team/offensive-security/persistence
C2 Frameworks
C2 Matrix. Open source and closed source command and control (C2) frameworks. Go to popular forums to find cracked frameworks such as cobalt strike.
- https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc
- Living Off Trusted Sites. Use popular legitimate domains when conducting phishing, C&C, exfiltration and downloading tools to evade detection: https://lots-project.com