subfission/readme.md

## readme.md

      
    Raw
  

              readme.md
            
          
    Persistence Methods

Various persistence methods that can be investigated.
SHA Checksum Command (MAC OS)
shasum -a 512 FILE

References

https://theevilbit.github.io/categories/persistence/
https://github.com/kcrawford/dockutil

Dock Persitance

plutil -p Library/Preferences/com.apple.dock.plist

Check out dockutil for free plist dock editing resource.
Auditd Shell Script

grep -v '^#' /etc/security/audit_warn

Script triggered by sudo audit -n command.
Man Path

grep -v '^#' /private/etc/man.conf

SHA Hashes

55f159eb497aebedd321e3da27aab2377298ae458da327aa9c6a86acbf8c66dbd6ce499ae31d4b1066fde8a151c7fdffb65bbf46eea898a15f232ab7e8664aa9  /etc/security/audit_warn
385577eb3b69379d55660fe9b277f4a29fb1eba0b27c39728e5acdddf64337c4244a92211ae4747c3efe2dc6ce9986b8efe3b9196bfcd7cc7dbb1df317c32a08  /private/etc/man.conf