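def get_content():
    """Return structured content for malware persistence mechanisms.

    The material is a short reference for analysts: where persistence is
    commonly established, what it tends to look like on a host, and which
    analysis approaches surface it.

    Returns:
        list: One dict per section, in the order listed below. Each dict
        has exactly two string-valued keys:

        - "title": the section heading.
        - "content": a multi-line string holding a "- " bullet list. It
          starts with a newline and ends with a newline followed by the
          indentation of the closing quotes, so callers that need clean
          text should ``strip()`` it.
    """
    # The bullet lines sit flush-left inside the triple-quoted strings on
    # purpose: any indentation there would become part of the returned text.
    return [
        {
            # Common autostart locations. In MITRE ATT&CK terms these fall
            # under the Persistence tactic (TA0003): Registry Run Keys /
            # Startup Folder (T1547.001), Scheduled Task (T1053.005) and
            # Windows Service (T1543.003).
            "title": "Persistence Techniques",
            "content": """
- Registry Keys, Startup Folders.
- Scheduled Tasks, Services.
            """,
        },
        {
            # Both bullets are triage leads rather than proof: an unfamiliar
            # DLL or an unusual run time needs corroboration (signer, path,
            # creating account, task action) before it is treated as
            # malicious.
            "title": "Indicators of Persistence",
            "content": """
- Unexpected DLLs in memory or on disk.
- Scheduled tasks executing at odd times.
            """,
        },
        {
            # The two approaches are complementary: autorun and service
            # review covers persistence configured on disk, while memory
            # forensics covers code that is running but absent from normal
            # process listings.
            "title": "Detection Techniques",
            "content": """
- Memory forensics for hidden processes.
- Analyzing autorun entries and system services.
            """,
        },
    ]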