Welcome to Nettitude Labs - LRQA Nettitude Labs

CVE-2022-23253 – Windows VPN Remote Kernel Null Pointer Dereference

CVE-2022-23253 is a Windows VPN (remote access service) denial of service vulnerability that Nettitude discovered while fuzzing the Windows Server Point-to-Point Tunnelling Protocol (PPTP) driver. The implications of this vulnerability are that it could be [...]

By Alex Nichols|March 22, 2022|

Introducing RunOF – Arbitrary BOF tool

A few years ago, a new feature was added to Cobalt Strike called “Beacon Object Files” (BOFs). These provide a way to extend a beacon agent post-exploitation with new features, perhaps to respond to conditions [...]

By Joel Snape|March 2, 2022|

Explaining Mass Assignment Vulnerabilities

Programming frameworks have gained popularity due to their ability to make software development easier than using the underlying language alone. However, when developers don’t fully understand how framework functionality can be abused by attackers, vulnerabilities [...]

By Dom Myers|January 25, 2022|

Introducing Process Hiving & RunPE

Download our whitepaper and tool This blog is a condensed version of a whitepaper we've released, called "Process Hiving". It comes with a new tool too, "RunPE". You can download these at the links [...]

By Rob Bone|September 2, 2021|

CVE-2020-26153: Event Espresso Core – Cross Site Scripting

Nettitude have identified a Cross Site Scripting (XSS) vulnerability within Event Espresso Core. Event Espresso is a WordPress plugin which provides online event registration and ticket management. Versions 4.10.6.p and below allow remote attackers to [...]

By Tom Wedgbury|June 25, 2021|