Persistence in the context of malware refers to the ability of malicious code to survive after the exploited component is terminated or the system is rebooted.
Links to this note
- Autoruns
- borges2021
- crontab persistence
- evadingedr-hand2024
- hackingteamwriteup-fisher2016
- hiddenkernelmodulesextremwayreborn_g1inko2024
- malware setting files as immutable or append only
- post-exploitation
- Process Injection
- replaces pam_unix.so with a malicious copy
- Skidmap malware
- sudoers README file persistence