PersistenceSniper

1.12.1

This module tries to enumerate all the persistence methods implanted on a compromised machine. New techniques may take some time before they are implemented in this script, so don't assume that because the module didn't find anything the machine is clean.

Minimum PowerShell version

5.0

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name PersistenceSniper -RequiredVersion 1.12.1

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name PersistenceSniper -Version 1.12.1

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

Commons Clause

Package Details

Author(s)

  • Federico @last0x00 Lagrasta

Tags

Windows Registry Persistence Detection Blue Purple Red Team Incident Response DFIR IR Forensics AMSI Powershell

Functions

Find-AllPersistence

Dependencies

This module has no dependencies.

Release Notes

This release fixes a bug in the Accesibility Tools persistence detection, which up to version 1.12.0 did not check for Utilman.exe hijacking.

FileList

Version History

Version Downloads Last updated
1.17.1 1,070 12/11/2024
1.17.0 24 12/11/2024
1.16.3 1,606 12/3/2024
1.16.1 23,749 6/30/2024
1.16.0 9,089 3/31/2024
1.15.1 3,987 2/15/2024
1.15.0 3,771 1/9/2024
1.14.0 1,039 11/4/2023
1.13.0 169 10/5/2023
1.12.1 (current version) 388 8/12/2023
1.12.0 300 5/22/2023
1.11.0 89 5/5/2023
1.10.1 20 5/4/2023
1.9.3 65 4/16/2023
1.9.2 197 2/22/2023
1.9.1 127 1/29/2023
1.8.0 124 12/16/2022
1.7.1 96 10/17/2022
1.7.0 207 9/7/2022
1.6.0 265 9/6/2022
1.5.0 31 8/31/2022
1.4.0 93 8/15/2022
1.3.2 57 8/9/2022
1.3.1 23 8/8/2022
1.3 16 8/8/2022
1.2 15 8/8/2022
1.0 181 8/4/2022
0.9 25 8/3/2022
Show less