Guidelines for Using Persistence Techniques

When using persistence techniques:

• Try to maintain a foothold in the organization to continue your attack after the main phase has concluded.
• Demonstrate persistence to the client without necessarily keeping assets compromised for a long period of time.
• Create new user accounts to bypass access control and account monitoring.
• Escalate new accounts' privileges if able.
• Install a RAT as a backdoor into a target system.
• Create a shell using Netcat to open a backdoor for command execution.
• Use reverse shells instead of bind shells whenever possible.
• Use Netcat to exfiltrate files from a target host to your own host.
• Use Netcat to set up a relay from one target host to another for pivoting.
• Use Task Scheduler in Windows to run a compromising command or program on a consistent schedule.
• Use cron jobs in Linux to do likewise.
• Consider using a backdoor as a daemon or service to have it constantly available.
• Understand the disadvantages of creating and using a daemon or service.
• Add commands or programs to the appropriate Registry startup keys to get them to run on Windows boot.