Courses
    WMI Attacks and Defense

    WMI Attacks and Defense

    What about this course?

    Windows Management Instrumentation (WMI) has been used by Windows administrators for various system management operations since Windows NT. As WMI is often used to automate administrative tasks, it is of equal use for attackers as it is for defenders. It is very helpful to understand WMI and its working to be able to fully utilize its power both for Red and Blue teams. In this training through demonstrations and hands-on, we will discuss how WMI and CIM can be utilized for offensive as well as defensive security. Different utilities like PowerShell built-in cmdlets, PowerShell scripts, native windows tools, and Linux tools will be discussed. Various attacks like enumeration and information gathering, lateral movement, persistence, backdoors, modifying security descriptors, etc. will be executed by utilizing WMI. We will also discuss how WMI can be used for agentless monitoring, detection of the above-mentioned attacks, and more.

    Duration
    4 hours
    Difficulty
    professional
    line-about
    subtitle-line-moduleINE's world-class IT training

    Instructor for this course

    Nikhil Mittal

    InfoSec Researcher

    instructor

    This course is composed by the following modules

    subtile-line-about
    INE's world-class IT training
    module-line

    Common Course Questions

    If you have a question you don’t see on this list, please visit our Frequently Asked Questions page by clicking the button below. If you’d prefer getting in touch with one of our experts, we encourage you to call one of the numbers above or fill out our contact form.

    Hey! Don’t miss anything - subscribe to our newsletter!

    © 2022 INE. All Rights Reserved. All logos, trademarks and registered trademarks are the property of their respective owners.
    instagram Logofacebook Logotwitter Logolinkedin Logoyoutube Logo