This document summarizes a talk about attacking and defending Windows systems. The talk covers how attackers can weaponize legitimate Windows tools like PowerShell, WMI, and Active Directory to conduct reconnaissance and execute malicious actions. It then discusses defensive techniques like Sysmon, Device Guard, and Group Policy Objects that can be used to detect and prevent such attacks. The talk includes a demo of red team techniques for lateral movement and privilege escalation, and how a blue team can detect those activities using defensive tools and logs. It concludes by mentioning additional Windows defenses that were not covered in detail.