No Win32_Process Needed - Expanding the WMI Lateral Movement Arsenal
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore advanced WMI lateral movement techniques beyond the traditional Win32_Process class in this 42-minute conference talk from Hack in Paris. Delve into Philip Tsukerman's presentation on expanding the WMI arsenal for lateral movement between endpoints. Learn why threat actors have primarily relied on the "Create" method of the "Win32_Process" class and discover untapped potential within the vast scope of WMI classes and methods. Gain insights into leveraging lesser-known WMI capabilities for more sophisticated lateral movement strategies, while understanding how these techniques can be used for reconnaissance and establishing persistence.
Syllabus
HIP18 - Talk 14 - No Win32_Process Needed Expanding the WMI Lateral Movement Arsenal
Taught by
Hack in Paris
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network