Hunting for Persistence with Cympire: Part IV — Startup Folder
Learn how attackers use the Windows Startup Folder to maintain persistence once they’ve compromised a machine. Then hunt for these malicious Startup Folder items.
Tag Hunting for Persistence with Cympire
Hunting for Persistence with Cympire: Part III — Services
Learn how attackers use Windows services to maintain persistence once they’ve compromised a machine. Then see how to hunt for these malicious services.
Hunting for Persistence with Cympire: Part II — Scheduled Tasks
Learn how attackers use scheduled tasks to maintain persistence once they’ve compromised a machine. Then see how to hunt for these tasks.
Hunting for Persistence with Cympire: Part I — Registry Run Keys
Learn how attackers use Windows registry keys to maintain persistence once they’ve compromised a machine. Then see how to hunt for these malicious keys.