Welcome to Nettitude Labs - LRQA Nettitude Labs

Binary Ninja Plugin: fix-stomped-imports

Recently, in response to a customer incident we needed to reverse engineer a malware sample of WhiteRabbit ransomware that proved to be tricker than expected. As we'll see, this sample maps a PE into memory [...]

By Rob Bone|September 18, 2024|

This Badge is My Badge

When it comes to covert entry assessments, successfully capturing RFID badge values can mean the difference between failure and successful entry to a target site. In a previous Labs post, “I Don’t Need a Badge [...]

By Dalton Wright|August 28, 2024|

Version Tracking in Ghidra

When a binary is reverse engineered using Ghidra, various annotations are applied to aid in understanding the binary's behaviour. These annotations come in the form of comments, renamed functions, variables, arguments and more. Collectively these [...]

By Connor Ford|August 7, 2024|

Vulnerabilities in AI Agents

LLMs are becoming increasingly accessible to everyone. It is very easy to create your own LLM system, however like with any new technology, they are challenging to secure. Many AI systems are vulnerable to various [...]

By Jakub Partyka|July 25, 2024|

Emulation with Qiling

Qiling is an emulation framework that builds upon the Unicorn emulator by providing higher level functionality such as support for dynamic library loading, syscall interception and more. In this Labs post, we are going to [...]

By Connor Ford|May 9, 2024|