Persistence

Author: Mario Martinez Jr. (ku5e / Gary7) | TryHackMe USA Top 1% Difficulty: Easy Topics: Persistence Mechanisms, Backdoors, Incident Response, Linux Forensics Answers are redacted within the narrative to allow you to complete the tasks on your own, but a full table of answers is available at the end of this walkthrough. A server is already compromised. The attacker believes they cleared out. Your job is finding what they left behind before the machine goes back to production. The IR team has isolated the machine and handed you credentials for an account with root privileges. Five backdoors are planted somewhere on the system. Finding them requires knowing what a clean Linux install looks like. Anything that doesn’t match is a lead. ...

TryHackMe: Atomic Bird Goes Purple #2 Author: Mario Martinez Jr. (ku5e / Gary7) | TryHackMe USA Rank #76 | Top 1% Difficulty: Medium Topics: Purple Teaming, Threat Emulation, Atomic Red Team, Credential Access, Defense Evasion, Persistence, Registry Manipulation, Service Creation Answers are redacted within the narrative to allow you to complete the tasks on your own, but a full table of answers is available at the end of this walkthrough. ...