Red Teaming Experiments
Red Teaming Experiments
linkedin
github
@spotheplanet
patreon
What is ired.team?
Pinned
Pentesting Cheatsheets
Active Directory & Kerberos Abuse
offensive security
Red Team Infrastructure
Initial Access
Code Execution
Code & Process Injection
Defense Evasion
Enumeration and Discovery
Privilege Escalation
Credential Access & Dumping
Lateral Movement
Persistence
DLL Proxying for Persistence
Schtask
Service Execution
Sticky Keys
Create Account
AddMonitor()
NetSh Helper DLL
Abusing Windows Managent Instrumentation
Windows Logon Helper
Hijacking Default File Extension
Persisting in svchost.exe with a Service DLL
Modifying .lnk Shortcuts
Screensaver Hijack
Application Shimming
BITS Jobs
COM Hijacking
SIP & Trust Provider Hijacking
Hijacking Time Providers
Installing Root Certificate
Powershell Profile Persistence
RID Hijacking
Word Library Add-Ins
Office Templates
Exfiltration
reversing, forensics & misc
Windows / OS Internals
Cloud
Neo4j
Dump Virtual Box Memory
AES Encryption Using Crypto++ .lib in Visual Studio C++
Reversing Password Checking Routine
Powered by GitBook

Persistence

Here are the articles in this section:
DLL Proxying for Persistence
Schtask
Code execution, privilege escalation, lateral movement and persitence.
Service Execution
Code Execution, Privilege Escalation
Sticky Keys
Sticky keys backdoor.
Create Account
Persistence
AddMonitor()
Persistence, Privilege Escalation
NetSh Helper DLL
Persistence, code execution using netsh helper arbitrary libraries.
Abusing Windows Managent Instrumentation
Persistence, Privilege Escalation
Windows Logon Helper
Hijacking Default File Extension
Persisting in svchost.exe with a Service DLL
Modifying .lnk Shortcuts
Screensaver Hijack
Hijacking screensaver for persistence.
Application Shimming
Persistence, Privilege Escalation
BITS Jobs
File upload to the compromised system.
COM Hijacking
UAC Bypass/Defense Evasion, Persistence
SIP & Trust Provider Hijacking
Defense Evasion, Persistence, Whitelisting Bypass
Hijacking Time Providers
Persistence
Installing Root Certificate
Defense Evasion
Powershell Profile Persistence
RID Hijacking
Word Library Add-Ins
Office Templates
Previous
ShadowMove: Lateral Movement by Duplicating Existing Sockets
Next
DLL Proxying for Persistence
Last updated 2 years ago