Subscribe to the CyberThreatPOV Podcast

Episode 17: Abusing WSUS for Lateral Movement

In this episode Spencer and Brad talk about the hidden dangers of not properly protecting Microsoft WSUS Servers. That’s Windows Server Update Service for those not in the know. Attackers often use legitimate functionality to gain ground and WSUS is no different.

Also be sure to check out Spencer’s WSUS abuse demo!

Nettitude blog discussing SharpWSUS: Introducing SharpWSUS – Nettitude Labs
Spencer’s fork of SharpWSUS: GitHub – techspence/SharpWSUS: SharpWSUS is a c# tool for abusing Microsoft Windows Server Update Services for Lateral Movement

If you’re on to go, listen here or on your favorite podcast app:

Work with Us: