I have been a follower of Jim Browning for quite a while. One thing I'm curious about him is the tool he is using to get reverse remote desktop connection on the scammer computer right after the scammer takes control of his first.

As a noob, my best guess is he utilizes 0-day vulnerabilities on the remote desktop application.

What do you think?

I believe most scammers use remote-assistance tools which have this feature as standard (as they are meant to be used in a non-adversarial context). Either the scammers don't bother disabling it, or there is no way to disable.

Hi, do you have a good resource for learning Spring Boot + Kotlin?