securityXspace: a blog about cyber-philosophy.

A botnet has appeared that has attempted to brute-force 1.5 million RDP connections to Windows systems in the last few days — and counting. Source: Forget BlueKeep: Beware the GoldBrute

Exploiting difficult SQL injection vulnerabilities using sqlmap: Part 1 :

Interesting HTTP headers : If you have access to web logs, these headers can reveal some juicy info. Alternatively, some of these can be used for WAF bypassing.

BookFresh Tricky File Upload Bypass to RCE | SECURITY GEEK : Really fun write-up

M1ND-B3ND3R/BoopSuite : Why use this over aircrack-ng? This project is easier to use, identifies clients more quickly than airodump-ng, and displays less useless information. Additionally I can take requests and build them out as I continue to develop this project.

Tainted Leaks: Disinformation and Phishing With a Russian Nexus – The Citizen Lab : Key Points Documents stolen from a prominent journalist and critic of the Russian government were manipulated and then released as a “leak” to discredit domestic and foreign critics of the government.

ThreatConnect research on FancyB : very much vendor fodder, but useful

Common weaknesses in your Windows network – Fox-IT | NTLM relay :

secrary/InjectProc : Process injection is a very popular method to hide malicious behavior of code and are heavily used by malware authors. There are several techniques, which are commonly used: DLL injection, process replacement (a.k.a process hollowing), hook injection and APC injection.

TheShadowBrokers Monthly Dump Service – June 2017 — Steemit : so. many. lulz. $20k or Bust!