mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-19 05:59:40 +03:00
22 lines
677 B
Markdown
22 lines
677 B
Markdown
# Workflows - WMIExec Lateral Movement
|
|
|
|
## Lateral Movement Chain
|
|
|
|
```
|
|
1. Initial Compromise → Credential Harvesting → WMIExec to target
|
|
2. On each new host:
|
|
├── Enumerate local users and groups
|
|
├── Harvest credentials (LaZagne, Mimikatz, SAM dump)
|
|
├── Check for domain admin sessions
|
|
└── Pivot to next target using recovered credentials
|
|
```
|
|
|
|
## Multi-Method Fallback
|
|
|
|
```
|
|
Primary: wmiexec.py (semi-interactive, output capture)
|
|
Fallback1: dcomexec.py (different DCOM object, avoids WMI-specific detection)
|
|
Fallback2: Native PowerShell CIM (blends with admin activity)
|
|
Fallback3: smbexec.py (uses SMB service, noisier but reliable)
|
|
```
|