Malware persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. Techniques used for persistence include any access, action, or configuration changes that let them maintain their foothold on systems, such as replacing or hijacking legitimate code or adding startup code.
This is an extract with only links to the tools and resources taken from the main article about malware persistence.
A blog that documents recent and ongoing system intrusions, with a focus on ransomware attacks.
TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.
A framework used by penetration testers for building custom exploits for infiltrating systems. Written in Ruby. Comes with a large library of payloads and other nifty and fascinating tools. It's worth learning to use if you're serious about penetration testing or exploit development. Also, the cutting edge of attack technologies winds up coming out of the Metasploit project.
A cheat-sheet for reverse engineering malware, by Lenny Zeltser.
Awesome list of curated hacking infosec pentesting resources.
Cuckoo is a system emulator written in Python for analyzing malware. It automates much of the process of reverse engineering malware samples, such as tracing execution, snapshotting memorry, tracing API and function calls, and dumping network traffic. Generates reports at the end of execution. Modular design, so it's easily customizable.