In this free one-hour Antisyphon Anti-Cast, Gerard Johansen, Principal Readiness Engineer for Red Canary and Antisyphon instructor, will run through how threat actors use the Windows Management Instrumentation (WMI) for Lateral Movement and Persistence.
Gerard will walk through how threat actors use WMI, what trace evidence is left and how to analyze WMI abuse.
Finally, Gerard will walk through some demonstrations using Atomic Red Team and forensic tools.
Chat with your fellow attendees in the Antisyphon Discord server:
https://discord.gg/antisyphon
in the #🍿anticasts-chat channel
Stay up to date on our upcoming live Anti-Casts and more at https://poweredbybhis.com