Welcome to Nettitude Labs

WinDbg: using pykd to dump private symbols

/

Wednesday 11 April 2018

We’ve recently been conducting some reverse engineering and…

CVE-2017-7351: REDCap 7.0.0 - 7.0.10 SQL Injection

/

Thursday 8 February 2018

A SQL injection vulnerability exists in REDCap versions 7.0.0…

Making PoshC2 More Accessible With a $5 VPS

/

Wednesday 31 January 2018

Users may find it difficult to host a PoshC2 server as it requires…

Advisories, Blog

Symantec Encryption Desktop Local Privilege Escalation - Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS

/

Tuesday 28 November 2017

Note: These vulnerabilities remain unpatched at the point of…

SharpSocks

PoshC2 v3 with SOCKS Proxy (SharpSocks)

/

Wednesday 15 November 2017

OVERVIEW We’ve been working on quite a few changes since the…

https://scontent-lga3-1.xx.fbcdn.net/v/t34.0-12/22016576_10159281578705621_359956649_n.jpg?oh=9d6de859e618e70b6eb96036eef257a5&oe=59CD0A41

DerbyCon 2017 CTF Write Up

/

Thursday 28 September 2017

The excellent Derbycon 2017 has just come to an end and, just…

Lifting the clouds from cloud investigations

/

Friday 14 July 2017

Nettitude’s IR team recently had an opportunity to investigate…

CVE-2017-8116: Teltonika router unauthenticated remote code execution

/

Tuesday 20 June 2017

We sometimes require internet connectivity in situations where…

BSides Edinburgh 2017 Crypto Contest Write Up

/

Sunday 23 April 2017

Recently, at the inaugural BSides Edinburgh, Ben Turner and…