Expanded Library

Persistence with pwncat

by Ricardo Reimao

During a red team engagement, it is crucial that you maintain foothold on your compromised servers. In this course, you will learn persistence using pwncat.

What you'll learn

During a red team engagement, you need to access your targets for an extended period of time. The most common way of maintaining access is with persistence implants that allow you to access your victims at any time, even if the original point of entry is patched. In this course, Persistence with pwncat, you’ll learn how to utilize the pwncat framework to maintain foothold in a red team environment. First, you’ll explore the basics about persistence and how to install the pwncat framework. Next, you'll see how to receive a reverse shell and how to enumerate users using pwncat. Finally, you’ll learn how to deploy hidden SSH keys so you can access the victim server at any time. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques Persistence: Valid Accounts (T1078) and Discovery: Account Discovery (T1087) using pwncat. More importantly, knowing how these techniques can be used against you, will ultimately lend to your ability as an organization, or an individual, to detect and defend against specific attack vectors.

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Ready to upskill? Get started