Shellter V & Kali 2.0

Posted in Shellter on August 13th, 2015 by Kyriakos Economou

Official Website: www.shellterproject.com

Enjoy,
kyREcon

Share

Shellter V -Released-

Posted in Shellter on August 8th, 2015 by Kyriakos Economou

Shellter V has been released and combines Stealth Mode with Multi-Payload PE infection and all the fun you had ever imagined a PE infector would ever bring.

Official Website: www.shellterproject.com

Let the games begin!

kyREcon

Share

Introducing Shellter V

Posted in Shellter on August 6th, 2015 by Kyriakos Economou

This demo video demonstrates the Stealth Mode and Multi-Payload dynamic PE infection capabilities of Shellter V.
While Stealth Mode preserves the original functionality of the infected application, its design allows to re-infect mutliple times the same PE file with different payloads.

Official Website: www.shellterproject.com

Enjoy,
kyREcon

Share

Shellter v5.0 Stealth Mode | Pre-Release Demo

Posted in Shellter on July 31st, 2015 by Kyriakos Economou

The following video introduces the Stealth Mode feature of the upcoming Shellter v5.0.
This mode allows to keep the original execution flow of the application, without compromising the dynamic injection concept of Shellter.

Epic things happen!

Enjoy,
kyREcon

Official Website: www.shellterproject.com

Share

The HackingTeam and the Infosick White Angels

Posted in General Articles on July 13th, 2015 by Kyriakos Economou

What have we really learned from the recent data leak regarding the operations of the so called HackingTeam?

Did we learn that there are some companies/people out there selling exploits?

Was it that the infosec industry is full of white angels that would never do so?

Maybe it was the fact that our industry is not so open-minded as we think?

Let’s see…

There are companies and individuals selling exploits. WOW, what a fucking surprise!!!
Sorry for disturbing your sweet dreams. Reality check! If you didn’t know, then you are reading the wrong article. I suggest you continue
reading –>here <–.
If you did know that shit happens, you may be interested in reading the rest of it.

Deamonizing the phrase “selling exploits” is like saying manufacturing cars is evil.
Just because some people will misuse either of them, doesn’t mean that both are necessarily bad.
Is it that bad to sell an exploit that might help the authorities to breach into a terrostists organization?
Is it more bad than driving drunk or high? Oh yes, you never do that!!!

Let’s now go back to those loud infosick people that started sharing lists, and putting labels on people that worked for the HackingTeam.
They even started saying to blacklist all those people from working again in IT. Shame on you!!!
You are not a judge, and you certainly won’t decide for anyone’s life. If you don’t like someone and his actions, you are free to say so.
However, organizing a witch hunting belongs to another era, and I wasn’t expecting to see people going down to that level.
Again, if you did that, shame on you!!!

So selling an exploit is evil. All white angels came out and said that out loud.
I am not really surprised. People do try to get attention by someone else’s failures. Sad creatures!
What these angels never said to us, is what they would have done if they had the skills to build an exploit that someone would happily
buy for $30k or more. I am pretty sure they would never sell that evil thing, because they are nice people!!!
I can understand people with the skills for doing so, that never did, to go out and critisize these actions. However, looking at the mass
shouting under the cross, it is really sad…,and at times even funny.

Now, I know people will come and say that I have connections with the HackingTeam and that I am trying to defend them. I am sorry to
disappoint you, but you are wrong!
They will pay for their mistakes when the time comes, but won’t be you who will decide how and when.
It makes me feel sick being part of a community that is ready at any time to blacklist and label people.
Today it’s them. Tomorrow it might be you, for whatever reason that might be.
At the end of the day, that’s just my opinion, and you don’t have to like it.

Just out of curiosity. Before wearing your superhero mask going out on tweeter saving the world with your (mostly) useless tweets,
did you ever consider what might be the real motivation behind this breach?
How do you know this was done for ethical reasons? How can you be so sure that someone didn’t get paid just to take them out of the game?
I am pretty sure this never occured to you. Surprise! Yeh, I know…shit happens. I don’t imply that I know what really happened, so don’t
pretend you do know that all this happened for a good reason. Just saying…

Apparently HackingTeam, did a lot of mistakes. They fucked up. However, I am pretty sure not all of their actions were evil, and if they were only time will tell.

Finally, I want to send my respects to all of them that handled things responsibly. That is, by sharing the information without judging the
people behind it. To those that spent some time analyzing the leaked data, extracting the exploits and helping the affected vendors to fix
those vulnerabilities, I have to say congrats! That’s what should be all about.

Don’t judge someone just because they sin differently than you.

kyREcon

Share