Windows ASR Rules & (Re)Enabling WMI When Blocked
Recently there have been tweets about Windows Attack Surface Reduction (ASR) rules and I wanted to take the chance to dive into a topic that I have discussed in my Offensive WMI workshops given at Wild West Hackin Fest and BSidesDC. Matt Graeber wrote an excellent white paper on the topic for BlackHat USA, and…