Summary
This chapter covered techniques and attacks on IT administration software. We have briefly discussed ways to compromise WSUS and the available tooling for such adversary activity. Furthermore, we had a deep dive into the SCCM ecosystem and saw in practice how misconfiguration can lead to the complete overtake of the environment. Later, in the Defensive recommendations section, I stressed the three most important recommendations to improve the SCCM security posture.
Overall, this entire book should demonstrate how complex Windows-based infrastructure is, and how many hidden parts it has. Clearly, new vulnerabilities and attack vectors will appear regularly, but there are enough security mechanisms to make the life of an adversary much harder.
