Assignment #1 | Assignments | RED TEAM Operator: Windows Persistence Course | Products | SEKTOR7 Institute

Assignment #1

Assignment #1

Difficulty: LOW

Find another COM hijackable DLL and create COM hijacking persistence in a course VM

RED TEAM Operator: Windows Persistence Course

Buy nowLearn more

Intro and Setup

Introduction to Windows Persistence

Intro Addendum

Course VM Setup

RTO-PERS.ova

RTO-pers.zip

Low Privilege Persistence

Startup Folder and Registry Keys

Logon Scripts

Shortcut Mods

Screensavers

Powershell Profile

DLL Proxying - Introduction

DLL Proxying - Demo

Component Object Model - Introduction

COMs Registry

COM Hijacks and Proxies

Admin Level Persistence

Elevated Scheduled Tasks

Multiaction Tasks

New & Modified Services

IFEO - Debugger / SilentProcessExit / Verifier

Application Shims

Windows Management Instrumentation - Introduction

WMI Event Subscription

AppCert DLLs

AppInit DLLs

Netsh Helper DLLs

Winlogon - SHELL / USERINIT

Time Providers

Port Monitors

Local Security Authority - Introduction

LSA-as-a-Persistence - SSPs & AuthPkgs

LSA-as-a-Persistence - Password Filters

Assignments

Assignment #1

Assignment #2

Assignment #3

Assignment #4

Wrap up

Your Feedback

Summary and Next Steps