Malware and Persistence
Chapter 2 shows how attackers can use browsers and software that provide active content for browsers such as Java and Adobe Flash as vectors to get an initial foothold in a network. Another option is malware. Malicious documents, like Word documents, can be used to provide an attacker with an initial shell on a target system.
An attacker that has compromised a target wants to retain access to that system. Many attackers create persistence mechanisms using malware to allow them to reconnect to their targets. Metasploit has a persistence script for Windows systems. Persistence can also be developed ...