OpenVAS runs WMIExec

2024-10-13 by mttaggart

TFW the vuln scanner runs offensive tools.

When connecting to Windows hosts, OpenVAS will run impacket-wmiexec against the host. The resulting events look identical to a secretsdump run that you'd hunt for.

Documentation