#

windows-persistence

Here are 10 public repositories matching this topic...

sailay1996 / CdpSvcLPE

Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)

windows-exploitation dll-hijacking windows-privilege-escalation windows-persistence

Updated Sep 15, 2022
C++

sailay1996 / SpoolTrigger

Weaponizing for privileged file writes bugs with PrintNotify Service

windows-exploitation dll-hijacking windows-privilege-escalation windows-persistence

Updated May 17, 2022
PowerShell

alphaSeclab / persistence

Resources About Persistence, Multiple Platforms. Including ~80 Tools and 300+ Posts.

persistence ios-persistence android-persistence windows-persistence linux-persistence macos-persistence

Updated Jun 1, 2020

jaamaal / Embed

Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, ProjectSauron, APT29, EquationGroup, including Stuxnet / Flame.

security apt bugbounty security-tools redteaming redteam advanced-persistent-threat bugbounty-tool redteam-tools windows-persistence

Updated Dec 11, 2020
C++

Hellsender01 / WisPer

Wisper helps to maintain access to windows machine and have some other cool features like UAC Disable,Firewall Disable,Dumping Credentials,etc.

python python3 psexec lazagne windows-persistence pypsexec

Updated Apr 3, 2021
Python

kaotickj / Detecting-Persistence-on-Windows-Computers-for-Non-Technical-Users

This guide empowers non-tech Windows users to detect persistence threats, highlighting signs like cmd windows at startup, registry checks, and spotting malicious commands in PowerShell, cmd, rundll32, and wmic.

windows-persistence malwaredetection

Updated Jul 6, 2025

skeeminator / RINGW0RM

RINGW0RM is Ring0 rootkit and UEFI bootkit plugin formatted for PulsarRAT as a plugin, which was built upon a customized Chaos and Elysium combination (this was not planned to be dropped lol)

plugin rootkit rat uefi uefi-bootkit ring0 windows-driver uefi-boot windows-persistence maldev secureboot-bypass ring0-rootkit skeem

Updated Apr 19, 2026
C#

Malforge-Maldev-Public-Organization / RatInject-Red-Team-Tool

RatInject: C++ tool for stealthy Windows persistence via registry-based techniques.

persistence malware-research malware-development red-team windows-persistence offesive registry-persistence

Updated May 12, 2025

0xsynix / GhostCOM

A lightweight red team beacon with COM-based persistence and HTTP-based exfiltration.

powershell persistence beacon stealth malware-development red-team c2 com-api windows-persistence com-abuse

Updated May 22, 2025
PowerShell

Compcode1 / ioc5-suspicious-task

This case study analyzed a low-complexity but real-world-relevant example of attacker persistence using the built-in Windows utility schtasks.exe.

incident-response scheduled-tasks cybersecurity windows-persistence ioc-analysis

Updated May 12, 2025
Jupyter Notebook

Improve this page

Add a description, image, and links to the windows-persistence topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the windows-persistence topic, visit your repo's landing page and select "manage topics."