Welcome to Nettitude Labs

CVE-2019-7315: Genie Access WIP3BVAF IP Camera Directory Traversal

/

Thursday 30 May 2019

We have discovered a directory traversal vulnerability that affects…

Operational Security with PoshC2 Framework

/

Thursday 23 May 2019

This post describes a new capability that has been deployed within…

Privilege Escalation via a Kernel Pointer Dereference (CVE-2017-18019)

/

Wednesday 17 April 2019

A little while ago, I discovered a vulnerability, CVE-2017-18019,…

Introducing PoshC2 v4.8 - includes C# dropper, task management and more! - Part One

/

Monday 1 April 2019

We recently released version 4.8 of PoshC2 Python, which includes…

CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution

/

Tuesday 16 October 2018

We recently identified a vulnerability in the digitally signed…

DerbyCon 2018 CTF Write Up

/

Thursday 11 October 2018

We have just returned from the always amazing DerbyCon 2018 conference.…

CVE-2018-5240: Symantec Management Agent (Altiris) Privilege Escalation

/

Wednesday 12 September 2018

During a recent red team exercise, we discovered a vulnerability…

CVE-2018-12897: Solarwinds Dameware Mini Remote Control Local SEH Buffer Overflow

/

Wednesday 5 September 2018

Dameware Mini Remote Control (MRC) is a remote administration…

Introducing Scrounger - iOS and Android mobile application penetration testing framework

/

Thursday 23 August 2018

Scrounger is a modular tool designed to perform the routine tasks…