YoVDO

No Win32_Process Needed - Expanding the WMI Lateral Movement Arsenal

Offered By: Hack in Paris via YouTube

Tags

Hack in Paris Courses Cybersecurity Courses Reconnaissance Courses

Course Description

Overview

Explore advanced WMI lateral movement techniques beyond the traditional Win32_Process class in this 42-minute conference talk from Hack in Paris. Delve into Philip Tsukerman's presentation on expanding the WMI arsenal for lateral movement between endpoints. Learn why threat actors have primarily relied on the "Create" method of the "Win32_Process" class and discover untapped potential within the vast scope of WMI classes and methods. Gain insights into leveraging lesser-known WMI capabilities for more sophisticated lateral movement strategies, while understanding how these techniques can be used for reconnaissance and establishing persistence.

Syllabus

HIP18 - Talk 14 - No Win32_Process Needed Expanding the WMI Lateral Movement Arsenal


Taught by

Hack in Paris

Related Courses

The RedTeam Blueprint - A Unique Guide To Ethical Hacking
Udemy
The Complete Ethical Hacking Course!
Udemy
Ethical Hacking: Footprinting and Reconnaissance
LinkedIn Learning
Applied Ethical Hacking and Rules of Engagement
Udemy
Discovery with ADRecon
Pluralsight