# Windows

- [Accessibility features Backdoor](/redteam/persistence/windows/accessibility-features-backdoor.md): MITRE ATT\&CK™  Event Triggered Execution - Accessibility Features - Technique T1546.008
- [AEDebug Keys Persistence](/redteam/persistence/windows/aedebug-keys.md)
- [Image File Execution Options (IFEO) Persistence](/redteam/persistence/windows/image-file-execution-options.md): MITRE ATT\&CK™ Event Triggered Execution: Image File Execution Options Injection - Technique T1546.012
- [Logon Triggered Persistence](/redteam/persistence/windows/logon-triggered.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution - Technique T1547
- [LSA Persistence](/redteam/persistence/windows/lsa.md)
- [Security Support Provider DLLs](/redteam/persistence/windows/lsa/security-support-provider-dlls.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Security Support Provider - Technique T1547.005
- [Authentication Package](/redteam/persistence/windows/lsa/authentication-package.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Authentication Package - Technique T1547.002
- [Natural Language 6 DLLs Persistence](/redteam/persistence/windows/natural-language-6-dlls.md)
- [Run Keys Persistence](/redteam/persistence/windows/run-keys.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder - Technique T1547.001
- [Winlogon Persistence](/redteam/persistence/windows/winlogon.md): MITRE ATT\&CK™ Boot or Logon Autostart Execution: Winlogon Helper DLL - Technique T1547.001
- [WMI Event Subscription Persistence](/redteam/persistence/windows/wmi-event-subscription.md): MITRE ATT\&CK™  Event Triggered Execution: Windows Management Instrumentation Event Subscription - Technique T1546.003