Persistence

A Backdoor is a hidden access mechanism that allows attackers to bypass standard authentication and security controls. This SECMONS glossary entry explains how backdoors are installed, how they differ from web shells, and why they are critical in post-compromise persistence.

Persistence is the stage of an intrusion where attackers establish mechanisms to maintain access to a compromised system or environment over time. This SECMONS glossary entry explains how persistence works, common techniques used by threat actors, and how defenders can detect and remove persistent footholds.

A Remote Access Trojan (RAT) is malware that provides attackers with covert remote control over compromised systems. This SECMONS glossary entry explains how RATs operate, how they are deployed, and why they are central to espionage, credential theft, and long-term persistence.

A Web Shell is a malicious script deployed on a web server that allows attackers to execute commands remotely. This SECMONS glossary entry explains how web shells are deployed, why they are difficult to detect, and how defenders can identify and remove them.

Analysis of post-exploitation techniques in 2026, including lateral movement, privilege escalation, and stealth persistence methods used by attackers.

A Bootkit is a type of stealth malware that infects the system boot process, allowing malicious code to execute before the operating system loads and enabling attackers to maintain deep persistence and evade security controls.

A Rootkit is a stealthy type of malicious software designed to hide its presence on a compromised system while maintaining privileged access and allowing attackers to control the infected machine without detection.

Technical explanation of persistence, an attack technique used by threat actors to maintain long-term access to compromised systems and networks even after initial intrusion vectors are removed.