CISO Security KitThreat HuntingAI CISO
Persistence Mechanism Review
Enumerate persistence: run keys, scheduled tasks, services, WMI subscriptions, startup items across OS platforms.
What this skill does
Persistence Mechanism Review is a versioned playbook inside the CISO Security Kit. It runs on the AI CISO agent through the Procux skill runtime, producing structured, auditable output suitable for executive review and regulator submission.
- Kit
- CISO Security Kit
- Category
- Threat Hunting
- Primary agent(s)
- AI CISO
- Tags
- threat-hunting, persistence, windows, linux
How to use it
- Sign in to your Procux workspace and open the platform dashboard.
- Pick the AI CISO agent, then pick Persistence Mechanism Review from the CISO Security Kit catalog.
- Provide the required inputs (repo, document, endpoint, jurisdiction) — the agent runs the playbook and returns a structured report.
- Review, iterate, or export (PDF / JSON / Markdown) as part of your internal review cycle.
Related skills
- APT Campaign AnalysisMap observed TTPs to MITRE ATT&CK, pivot over known APT playbooks, produce adversary emulation plan.
- C2 Beaconing DetectionStatistical and JA3 / JARM based detection of command-and-control beacons over HTTPS and DNS.
- DNS Tunneling DetectionDetect DNS exfiltration and covert channels via entropy, subdomain length, NXDOMAIN ratios, and query rate.