Swag reminder https://teespring.com/stores/illmob-swag-shop
Simple tool to create HTA with Evading AV
CORS Misconfiguration Scanner.
Metasploit Shellcode Grows Up: Encrypted and Authenticated C Shells
SkelSec/pypykatz 0.3.0 released
rogerorr/DllSurrogate-dll to call x32com from x64 binaries
HRShell – Flask HTTP/HTTPS Reverse Shell/C2
Evil WinRM + Donut-Loader
USB Armory MKII
PyPyKatz-WASM – Parse lsass dumps in the cloud
SMB2 snapshots with Impacket SMBClient
Python API wrapper for spyse.com tools
SharpDoor – termsrv.dll multiRDP patcher
Just in time for summer camp , finally got around to adding designs to new illmob store on ::teespring:: tried to keep the prices to at cost. We will also be handing out some stickers and prizes given out randomly if you find us. See you there!
TL;DR: The infosec ‘community’ is a dumpster fire. (with lots of screenshots that everyone loves to post.)
So since a shitty reporter wrote a hit piece of a one-sided view of the illmob facebook group, figured we’d get all the info on the table so you can make your own conclusions instead of following the narrative...
So I have a bit of history with the old trojan scene from 20 years ago. I got my first computer in 1999 around that time I had also read articles in USA Today about BO2k being released at Defcon etc....
Between 180,000 and 800,000 IP-based closed-circuit television cameras are vulnerable to a zero-day vulnerability and a backdoor that allows an attacker remote code execution. Tenable issued the advisory today, the bugs are rated critical and tied to firmware possibly used in one of 100 different cameras that run the affected NVRMini2 webserver so...
Matt harr0ey (@harr0ey) released a POC of an SVG Document ActiveX executing using a browser (not Internet Explorer) inside Microsoft Word. Details are on his blog homjxi0e.wordpress.com and a short demo video of it in action below