Explore Windows Management Instrumentation (WMI) attacks, real-time defense strategies, and advanced forensic analysis techniques in this comprehensive conference talk from BSidesLV 2015. Delve into the intricacies of WhyMI, PowerShell query language, and eventing. Examine potential attack vectors, providers, and PowerShell eggs. Gain insights into APT29 techniques and learn advanced forensic analysis methods, including reverse engineering WMI. Discover practical applications through demonstrations of WMI tools and real-time WMI monitoring. Enhance your understanding of WMI security implications and forensic parsing techniques to better protect and analyze Windows systems.