Explore techniques for detecting WMI exploitation in this 51-minute conference talk from Derbycon 2018. Delve into the importance of WMI, its location within Windows systems, and essential tools like Windows Sysinternals AutoRuns and Sysmon. Learn about process execution, command line analysis, WMI activity monitoring, and authentication methods. Discover strategies for identifying lateral movement, remote WMI execution, and PowerShell usage. Gain insights into WMI tools, hunting techniques, and receive recommendations for effective WMI monitoring. Conclude with additional reading suggestions and a Q&A session to enhance your understanding of WMI exploitation detection.