International Journal of Electrical, Computer, and Biomedical Engineering (IJECBE)
Vol. 3 No. 1 (2025)

Cyber Kill Chain Framework Approach to Map Potential Attack Vectors on Windows-based OS

Syifa, Amanda Fairuz
Salman, Muhammad



Article Info

Publish Date
21 May 2025

Abstract

The widespread adoption of Windows 11 necessitates a comprehensive evaluation of its security vulnerabilities, particularly in light of increasingly sophisticated cyberattacks. This study exclusively focuses on Windows 11 Home and Enterprise editions, applying the Cyber Kill Chain framework to map potential attack vectors. The analysis reveals significant weaknesses in SMB and RDP protocols, with Windows 11 Enterprise proving more vulnerable to specific threats such as SMB Relay Attacks. Adversary emulation using the Caldera platform successfully simulated real-world cyber threats, highlighting critical security issues, including the extraction of sensitive information and privilege escalation risks through PowerShell. The emulation demonstrated that commands could identify user accounts and shared directories, exposing potential avenues for unauthorized access. Recommended countermeasures include enabling SMB signing, enforcing strong password policies, disabling unused RDP services, and deploying active antivirus solutions. This research provides key insights into enhancing the security posture of Windows 11 against modern cyber threats, emphasizing the importance of proactive security measures and continuous vulnerability assessments.

Copyrights © 2025






Journal Info

Abbrev

go

Publisher

Subject

Computer Science & IT; Electrical & Electronics Engineering; Materials Science & Nanotechnology; Medicine & Pharmacology

Description

The International Journal of Electrical, Computer, and Biomedical Engineering (IJECBE) is an international journal that is the bridge for publishing research results in electrical, computer, and biomedical engineering. The journal is published bi-annually by the Electrical Engineering Department, ...