From securityonline.info
![WMI lateral movement](https://cdn-0.securityonline.info/wp-content/uploads/2022/01/wmeye.gif)
WMEye is an experimental tool that was developed when exploring Windows WMI. The tool is developed for performing Lateral Movement using WMI and remote MSBuild Execution. It uploads the encoded/encrypted shellcode into remote targets WMI Class Property, create an event filter that when triggered writes an MSBuild-based Payload using a special WMI Class called LogFileEventConsumer, and finally executes the payload remotely.