windows-persistence

Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)

Weaponizing for privileged file writes bugs with PrintNotify Service

Resources About Persistence, Multiple Platforms. Including ~80 Tools and 300+ Posts.

Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, ProjectSauron, APT29, EquationGroup, including Stuxnet / Flame.

Wisper helps to maintain access to windows machine and have some other cool features like UAC Disable,Firewall Disable,Dumping Credentials,etc.

This guide empowers non-tech Windows users to detect persistence threats, highlighting signs like cmd windows at startup, registry checks, and spotting malicious commands in PowerShell, cmd, rundll32, and wmic.