Moving to gitlab
Starting to push all code to gitlab, all the code on github will be left there but the account will be abandoned.
Starting to push all code to gitlab, all the code on github will be left there but the account will be abandoned.
Swag reminder https://teespring.com/stores/illmob-swag-shop
Tools:
Simple tool to create HTA with Evading AV
CORS Misconfiguration Scanner.
Metasploit Shellcode Grows Up: Encrypted and Authenticated C Shells
harismuneer/Ultimate-Facebook-Scraper
Invoke-Procdump.ps1
SkelSec/pypykatz 0.3.0 released
rogerorr/DllSurrogate-dll to call x32com from x64 binaries
phackt/stager...
Tools:
https://github.com/byt3bl33d3r/WitnessMe
https://github.com/NotSoSecure/cloud-service-enum
https://github.com/theMiddleBlue/CVE-2019-11043
https://github.com/cobbr/Covenant
https://github.com/n1xbyte/donutCS
https://sqlectron.github.io/
https://github.com/sansatart/scrapts/blob/master/shodan-favicon-hashes.csv
https://gitlab...
https://github.com/h43z/dns-rebinding-tool/
http://intx0x80.blogspot.com/2019/10/JWT.html
https://twitter.com/kaluche_/status/1181834267204210688
https://github.com/Hackplayers/Salsa-tools
https://github.com/AlmondOffSec/PoCs/tree/master/Windows_wermgr_eop
https://github.com/HunnicCyber/SharpSniper
https://github.com/3gstudent/GadgetToJScript
Tools:
HRShell – Flask HTTP/HTTPS Reverse Shell/C2
Evil WinRM + Donut-Loader
USB Armory MKII
PyPyKatz-WASM – Parse lsass dumps in the cloud
https://shell.now.sh/
SMB2 snapshots with Impacket SMBClient
Python API wrapper for spyse.com tools
SharpDoor – termsrv.dll multiRDP patcher
Reading:
https://thehackernews...
Just in time for summer camp , finally got around to adding designs to new illmob store on ::teespring:: tried to keep the prices to at cost. We will also be handing out some stickers and prizes given out randomly if you find us. See you there!
TL;DR: The infosec ‘community’ is a dumpster fire. (with lots of screenshots that everyone loves to post.)
So since a shitty reporter wrote a hit piece of a one-sided view of the illmob facebook group, figured we’d get all the info on the table so you can make your own conclusions instead of following the narrative...
So I have a bit of history with the old trojan scene from 20 years ago. I got my first computer in 1999 around that time I had also read articles in USA Today about BO2k being released at Defcon etc....
Our new open source python OSINT framework, skiptracer was released yesterday @ HushCon. Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG), or paying to utilize transforms (Maltego) to get data mining results...