Now the generator is able to generate the document required to exploit also the "Follina" attack (leveraging ms-msdt). Although many PoC are already around the internet, I guessed to give myself a run ...
:: 0 - Registry manipulation / hacky way, work with install.wim or install.esd, support any host OS :: 1 - Dism.exe tool / official way, work with install.wim, require NT 10.0 host OS or Windows 8.1 ...
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. NOBELIUM is now tracked as Midnight Blizzard. April 15, 2021 ...