The Red Team Vade Mecum
Search…
⌃K
The Red Team Vade Mecum
Search…
⌃K
The Red Team Vade Mecum
Techniques
Defense Evasion
Privilege Escalation
Enumeration
Execution
Initial Access
Lateral Movement
Linux
No Admin?
Checking for access
Poison Handler
WinRM
AT
PsExec
WMI
Service Control
DCOM
RDP
SCShell
Code Injection
Persistence
Infrastructure
SQL
Other
Vulnerability Discovery
Windows Internals
Powered By
GitBook
WMI
WMI can be used to access remote windows components using RPC calls on TCP port 135.
Ex.
wmic /node:REMOTEIP /user:DOMAIN\USER /password:PASSWORD process call create“C:\Windows\System32\notepad.exe”
Previous
PsExec
Next
Service Control
Last modified
1yr ago