2026-04-25 –, Track 2
Metasploit has had persistence for a long time, however it's always been lackluster. In July 2025 a complete overhaul of the persistence system began, introducing standardization across all platforms. Since then many new additional techniques have been created, especially on Windows platforms. This talk will discuss the new standardizations and how they effect users, look at the new techniques which have been added, and show how they can be utilized with live demonstrations.
Are you a blue teamer? Comes see what the other side is doing and know what to look for in your logs to find these techniques.
h00die is currently employed with nDepth Security as a senior penetration tester. Previously he helped start Exploit-DB as one of the original staff moderators for submissions and quality control experts. He is currently one of the few non-Rapid7 employees entrusted with commiter rights for the Metasploit framework, volunteering to create new module, peer review submissions, and keep the framework awesome over the last 10 years.
Husband | Father | U.S. Marine Corps Retired | nDepth Security | Alumnus of Capital Technology University & University of Maryland Global Campus