Windows Management Instrumentation (WMI) has been used by Windows administrators for various system management operations since Windows NT. As WMI is often used to automate administrative tasks, it is ripe for misuse by attackers. Thus, understanding WMI and its inner workings will enable both Red and Blue Teams to fully utilize its power.
In this training, we will discuss how WMI and CIM can be utilized for offensive as well as defensive security. Different utilities like PowerShell built-in cmdlets, PowerShell scripts, native windows tools and more are discussed. Various attacks like enumeration and information gathering, lateral movement, persistence, backdoors, modifying security descriptors etc. will be executed by utilizing WMI. We will also discuss how WMI can be used for agentless monitoring, detection of the aforesaid attacks and more.
A non-exhaustive list of topics covered include:
Getting Started with WMI:
WMI for Red Teams:
WMI for Blue Teams:
33% OFF for First 50 Only!
Register for just $199!
5 Hours 30 Minutes of Hands-On Demo Videos!