Ne0nd0g
commented
2 years ago That is correct. The agent does not automatically establish persistence. The operator is responsible for establishing persistence. Take a look at the MITRE ATT&CK framework for some ideas on techniques https://attack.mitre.org/tactics/TA0003/ .
Just for a bit of clarification on this topic; if the computer that the agent is running on restarts, then that agent is no longer accessible? Upon a restart of a Windows OS with an active callback agent on Mythic it appears that there is no agent side persistence, is this correct?