Update README.md
Karneades authored Aug 26, 2024
1 parent ec0ec84 commit 6064b66
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -43,6 +43,7 @@ _Persistence techniques and detection._
* [Linux Persistence Techniques](https://research.splunk.com/stories/linux_persistence_techniques/) - List of persistence techniques.
* [Linux Red Team Persistence Techniques](https://www.linode.com/docs/guides/linux-red-team-persistence-techniques/) - List of persistence techniques.
* [PANIX - Persistence Against *NIX - Features](https://github.com/Aegrah/PANIX?tab=readme-ov-file#features) - List of persistence techniques.
* [Linux Detection Engineering - A primer on persistence mechanisms](https://www.elastic.co/security-labs/primer-on-persistence-mechanisms) - List of Linux persistence mechanisms.
* [ebpfkit](https://github.com/Gui774ume/ebpfkit) - Rootkit leveraging eBPF.
* [TripleCross](https://github.com/h3xduck/TripleCross) - Rootkit leveraging eBPF.
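
Review bot: The description on the added Elastic entry, "List of Linux persistence mechanisms.", repeats "Linux" from the link title and is nearly indistinguishable from the three entries above it, which all read "List of persistence techniques." The title itself says "Linux Detection Engineering", and the section tagline is "Persistence techniques and detection", so a description that names the detection angle would tell readers why this entry is worth opening in addition to the other lists.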

Expand Down Expand Up @@ -100,7 +101,7 @@ _Tools for testing detections. Use the techniques described in [Persistence Tech
* [Atomic Red Team](https://github.com/redcanaryco/atomic-red-team) - Atomic Red Team supports also the MITRE ATT&CK persistence techniques, see e.g. [T1044 "File System Permissions Weakness"](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1044/T1044.yaml).
* [hasherezade persistence demos](https://github.com/hasherezade/persistence_demos) - Various (also non standard) persistence methods used by malware for testing own detection, among others COM hijacking demo is found in the repo.
* [PoisonApple](https://github.com/CyborgSecurity/PoisonApple) - Perform various persistence techniques on macOS.
* [PANIX](https://github.com/Aegrah/PANIX) - A highly customizable Linux persistence tool. Perform various persistence techniques against Linux systems, among others Debian and RHEL, also [covered in a Elastic blog post](https://www.elastic.co/security-labs/primer-on-persistence-mechanisms).
* [PANIX](https://github.com/Aegrah/PANIX) - A highly customizable Linux persistence tool. Perform various persistence techniques against Linux systems, among others Debian and RHEL.

## Prevention
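
Review bot: The rewritten PANIX line drops the "covered in a Elastic blog post" clause, so the testing-tools entry no longer points to the write-up, even though the same URL now sits in the Linux persistence list. A short in-page reference to that entry would keep the connection without duplicating the link. While this line is being touched, "among others Debian and RHEL" would read better as "including Debian and RHEL", and the commit message "Update README.md" does not record that the link was moved rather than removed.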

