PersistenceSniper

PersistenceSniper is a digitally signed PowerShell module aimed at blue teams and incident responders for automated detection of persistence mechanisms on Windows systems. It implements detection logic for techniques listed in MITRE ATT&CK (e.g. registry run keys, scheduled tasks, service modifications) and is regularly updated with new detection paths.

Features

Detects persistence across run keys, scheduled tasks, services, and WMI
Aligns with MITRE ATT&CK persistence techniques
Digitally signed and published via PowerShell Gallery
Lightweight module (~3000 lines), no external dependencies
Regular releases adding detection capabilities
Suitable for automation and integration into SOAR workflows

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow PersistenceSniper

PersistenceSniper Web Site

Other Useful Business Software

Full-stack observability with actually useful AI | Grafana Cloud

Our generous forever free tier includes the full platform, including the AI Assistant, for 3 users with 10k metrics, 50GB logs, and 50GB traces.

Built on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.

Create free account

Rate This Project

User Reviews

Be the first to post a review of PersistenceSniper!

Additional Project Details

Operating Systems

Windows

Programming Language

PowerShell

Related Categories

PowerShell Security Software

Registered

2025-07-28

Similar Business Software

ManageEngine EventLog Analyzer

ManageEngine EventLog Analyzer is an on-premise log management solution designed for businesses of all sizes across various industries such as information technology, health, retail, finance, education and more. The solution provides users with both agent based and agentless log collection, log...

See Software
Blumira

Empower Your Current Team to Achieve Enterprise-Level Security An all-in-one solution with SIEM, endpoint visibility, 24/7 monitoring, and automated response to reduce complexity, increase visibility and speed up time to respond. We handle the security heavy lifting, so you get time back...

See Software
Criminal IP

Criminal IP equips security teams with the actionable Threat Intelligence needed to proactively identify, analyze, and respond to emerging threats. Powered by AI and OSINT, it delivers threat scoring, reputation data, and real-time detection of a wide array of malicious indicators, ranging from...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ManageEngine ADAudit Plus

ADAudit Plus helps keep your Windows Server ecosystem secure and compliant by providing full visibility into all activities. ADAudit Plus provides a clear picture of all changes made to your AD resources including AD objects and their attributes, group policy, and more. AD auditing helps detect...

See Software

Report inappropriate content

PersistenceSniper

Powershell module that can be used by Blue Teams, Incident Responders

Get an email when there's a new version of PersistenceSniper

Features

Project Samples

Project Activity

Categories

License

Follow PersistenceSniper

User Reviews

Additional Project Details

Operating Systems

Programming Language

Related Categories

Registered