A collection of scripts I've written to help red and blue teams with malware persistence techniques. I take no responsibility for how they're used.
These are techniques that I regularly use to ensure that my agents can survive reboots. Majority of my persistence scripts are written in PowerShell since it's an excuse for me to learn it. May these scripts help you evade many a blue team.
I'm trying to help blue teams to add robust rule sets to their detection techniques. Most of the time I try to focus on simple userland tactics which don't require privilege escalation. Additionally, I try to find ways to trigger my agents based on user behaviour rather than system behaviour. May these techniques help you catch those pesky hackers.
It looks through newest 500 events in the Windows event logs on the target system and schedules a user task, using the most commonly occurring event ID as a trigger, to run a specified application.