Persistence in Linux

Well, not by Windows alone…

Hunting for Persistence in Linux (Part 1): Auditd, Sysmon, Osquery (and Webshells)

(https://pberba.github.io/security/2021/11/22/linux-threat-hunting-for-persistence-sysmon-auditd-webshell/)

Hunting for Persistence in Linux (Part 2): Account Creation and Manipulation

(https://pberba.github.io/security/2021/11/23/linux-threat-hunting-for-persistence-account-creation-manipulation/)

Hunting for Persistence in Linux (Part 3): Systemd, Timers, and Cron

(https://pberba.github.io/security/2022/01/30/linux-threat-hunting-for-persistence-systemd-timers-cron/)

Hunting for Persistence in Linux (Part 4): Initialization Scripts and Shell Configuration

(https://pberba.github.io/security/2022/02/06/linux-threat-hunting-for-persistence-initialization-scripts-and-shell-configuration/)

Hunting for Persistence in Linux (Part 5): Systemd Generators

(https://pberba.github.io/security/2022/02/07/linux-threat-hunting-for-persistence-systemd-generators/)