Home 0P3N Blog [podcast] WMI, WBEM, and enterprise asset management
Ready to Start Your Career?
Create Free Account
By: BrBr
October 26, 2015

[podcast] WMI, WBEM, and enterprise asset management

By: BrBr
October 26, 2015
By: BrBr
October 26, 2015
WMI (Windows Management Instrumentation) has been a part of the Windows Operating system since Windows 95. With it, you can make queries about information on hosts, locally and even remotely.Why are we talking about it? Its use in the enterprise and by admins is rarely used, but use in moving laterally by bad actors is growing. It's highly versatile, able to be scripted, and can even be used to cause triggers for when other programs run on a system. Mr. Boettcher and I sit down and discuss the functions of#WMI, its history, what classes and objects are, and ways you can leverage WMI to make your admins job much easier.Direct Link: https://traffic.libsyn.com/brakeingsecurity/2015-043-wmi_remote_management.mp3DerbyCon WMI talk: http://www.irongeek.com/i.php?page=videos/derbycon5/break-me12-whymi-so-sexy-wmi-attacks-real-time-defense-and-advanced-forensic-analysis-matt-graeber-willi-ballenthin-claudiu-teodorescuWbemtest: http://blogs.technet.com/b/chad/archive/2012/03/08/tip-45-wbemtest-the-underappreciated-tool.aspxWMI documentation: https://msdn.microsoft.com/en-us/library/aa384642(v=vs.85).aspxTuneIn podcast Link: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/RSS: http://www.brakeingsecurity.com/rss
Request Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry