Docs: Add WMI features page

docs/content/features/exploiters/wmi.md

@@ -0,0 +1,44 @@
+---
+title: "WMI Exploiter"
+draft: false
+description: "Exploits WMI"
+tags: ["exploiter", "wmi", "brute force"]
+pre: "<i class='fa fa-toolbox'></i> "
+---
+
+## WMI
+
+[WMI (Windows Management Instrumentation)](
+https://learn.microsoft.com/en-us/windows/win32/wmisdk/wmi-start-page) is a set
+of tools and extensions in Windows for managing and querying system information,
+configurations, and operations. Administrators use WMI to manage local and
+remote environments by monitoring system health, automating administrative
+functions, managing network resources, etc.
+
+## Exploitation
+
+Machines with WMI enabled may be accessible to attackers if
+they come across the correct credentials.
+
+Infection Monkey's WMI exploiter uses brute-force to attempt to
+propagate to a victim via WMI.
+
+![WMI Configuration](
+/images/island/configuration-page/wmi-exploiter-configuration.png
+"WMI Configuration")
+
+### Credentials used
+
+The WMI exploiter will use [user-configured credentials](
+/usage/configuration/credentials) as well as credentials collected from other
+victims for brute-forcing. All possible combinations of usernames, passwords,
+LM hashes, and NT hashes are used, prioritizing pairs provided by the user in
+the configuration.
+
+## Mitigation
+
+1. Change user passwords to complex passwords that are not shared with other
+computers on the network.
+
+## See also
+- [WMI exploiter reference documentation](/reference/exploiters/wmi)