There are many ways for a threat actor to maintain persistence in windows systems, we'll take a look at some common persistence mechanisms, where to look and what can be done to detect them.
We'll talk through each persistence mechanism, their purpose and legitimate usage and then how they are abused by threat actors. Such as: