Loading…
This event has ended. Visit the official site or create your own event on Sched.
Mine for the best information security knowledge in the Black Hills of South Dakota!
Back To Schedule
Thursday, October 25 • 10:00am - 12:00pm
Workshop - Offensive WMI Session 2 (Registration Required)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Offensive WMI Workshop (Session 2)WMI has recently been publicized for its offensive use cases. Attackers, and now red teams, are discovering how powerful WMI can be when used beyond its original intent. Even with the recent surge in WMI use, not everyone knows how to interact with it. This workshop intends to showcase how you can leverage WMI on assessments to do nearly anything you would want to do in a post-exploitation scenario. Want to read files, perform a directory listing, detect active user accounts, run commands (and receive their output), download/upload files, and do all of the above (plus more) remotely?
 
The goal for this workshop will be to enable students to walk away with an understanding of how WMI, a service installed and enabled by default since Windows 2000, is utilized by attackers, demystify interacting with the service locally and remotely, and give students the ability to leverage WMI in the same manner as attackers.
 
Bio: Christopher Truncer (@ChrisTruncer) is a co-founder and red team lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing tools, WMImplant, EyeWitness, and other open-source software. Chris began developing tools that are not only designed for the offensive community, but can enhance the defensive community’s ability to defend their network as well. 
This workshop is provided at no extra cost (Wild West Hackin’ Fest ticket is required), but is limited in participants. Be the first to know when registration opens by signing up for our emails! 

Speakers
CT

Chris Truncer

FortyNorth Security
Christopher Truncer (@ChrisTruncer) is a co-founder and red team lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing tools, WMImplant, EyeWitness, and other... Read More →


Thursday October 25, 2018 10:00am - 12:00pm MDT
Conference Room