securityXspace: a blog about cyber-philosophy.

Breaking Out of Citrix and other Restricted Desktop Environments | Pen Test Partners : Solid mega post. Index Dialog Boxes Abusing Dialog Boxes Help Menus Environmental Variables / Bypassing Path Restrictions Gaining a Command Shell Bypassing Write Restrictions Bypassing Executable Restrictions Internet Explorer Microsoft Office Modifying ICA Files Default / Weak Credentials File Transfer –…

Red on Red: The Attack Landscape of the Dark Web – TrendLabs Security Intelligence Blog : Tor forum honeypot

Operation Bachosens: A detailed look into a long-running cyber crime campaign :

WikiLeaks – Releases | Pandemic : Today, June 1st 2017, WikiLeaks publishes documents from the “Pandemic” project of the CIA, a persistent implant for Microsoft Windows machines that share files (programs) with remote users in a local network. “Pandemic” targets remote users by replacing application code on-the-fly with a trojaned version if the program is…

WikiLeaks – Vault 7: AfterMidnight + Assassin implant : required reading for offense or defense teams.

Web Developer Security Checklist – Simple Security :

Appcanary – Everything you need to know about HTTP security headers :

THE INCREASED USE OF POWERSHELL IN ATTACKS [PDF] :

The Equation Group’s post-exploitation tools (DanderSpritz and more) Part 1 :

ewilded/psychoPATH : This tool is a customizable payload generator, initially designed to automate blind detection of web file upload implementations allowing to write files into the webroot (aka document root). The “blind” aspect is the key here and is inherent to dynamic testing usually conducted with no access to the source code or the filesystem.