WMI – D E C E I V E R . I O

Deceive, Detect, Engage

Fake WMI Provider with Deceptive Data

Create a decoy WMI provider that responds to attacker queries with fabricated or misleading information. This can be used to confuse attackers, disrupt their reconnaissance efforts, or gather information about their WMI-based tools and techniques.

WMI Event Deception

Goal: Disrupt attacker activity by generating deceptive WMI events.

Approach: Generating fake WMI events to confuse attackers.

This element generates deceptive WMI events that mimic legitimate system activity but contain false information. This can confuse attackers and disrupt their reconnaissance or lateral movement efforts.

Tag: WMI

Fake WMI Provider with Deceptive Data

WMI Event Deception

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense