Introduction CrackMapExec (CME) is a popular post-exploitation framework and penetration testing tool, and it’s frequently used in the field. Although CME is versatile and modular, it has become a target for threat actors exploiting its features for malicious purposes. For that reason, it’s important for blue teams to keep up with…