Tips, Tricks and Tools for Cyber Security Enthusiasts

Maritime Malware Campaigns – Document Payloads

Thursday 19 September 2019/0 Comments/in Blog /by Joel Snape

As part of our research into threats facing the marine and offshore sector, we recently uncovered an ongoing malware campaign. It makes use of specific maritime industry related document lures, and attempts to evade detection by disguising command and control traffic as traffic to legitimate maritime-related businesses. From our examination of the documents being sent, […]

Read more →

DerbyCon 2019 CTF Write Up

Wednesday 18 September 2019/0 Comments/in Blog /by Spicy Weasel

We recently returned from the always excellent DerbyCon 2019 conference. We once again competed in the 48 hour Capture The Flag competition under the team name “spicyweasel”, where we were pleased to finish in second place. The prize for us was $750 and we decided to donate that to the Chris Lucas Trust, in order […]

Read more →

$C:\Users\coakley\Desktop\download (3).png$

Cross Site Scripting (XSS) Payload Generator

Monday 29 July 2019/0 Comments/in Blog /by Iain Wallace

This post will help you to evade some of those tricky cross site scripting restrictions with the help of a new tool I’ve pushed to our XSS Payloads repository. There are times during a web application penetration test when Cross Site Scripting (XSS) has been identified with a trivial payload such as <script>alert(1)</script> or via […]

Read more →

CVE-2018-20319: Why you should always have two factor authentication on your VPN

Wednesday 19 June 2019/0 Comments/in Blog /by Tom Wilson

The OpenConnect VPN client, on all supported platforms, suffered from a possible information leak that could result in an attacker with elevated local privileges obtaining plaintext credentials. This VPN security vulnerability has now been patched and assigned CVE-2018-20319. Affected Software Vendor website: https://www.infradead.org/openconnect/ Affected versions: OpenConnect client – Windows, Linux, Mac OS X, Android, Solaris, […]

Read more →

CVE-2019-7315: Genie Access WIP3BVAF IP Camera Directory Traversal

Thursday 30 May 2019/0 Comments/in Blog /by Ben Hackman

We have discovered a directory traversal vulnerability that affects Genie Access’ WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera. This security vulnerability can act as the first step to full device compromise and has been assigned CVE-2019-7315. Proof of concept (PoC) of path traversal vulnerability discovered The directory traversal vulnerability can be exploited via […]

Read more →

Operational Security with PoshC2 Framework

Thursday 23 May 2019/0 Comments/in Blog /by Doug McLeod

This post describes a new capability that has been deployed within PoshC2, which is designed to assist with revealing a wider set of target environment variables at the dropper stage, as part of operational security controls. Imagine the following scenario. You’ve deployed IP address white-listing on a proxy in order to limit implant installation to […]

Read more →

Maritime Malware Campaigns – Document Payloads

DerbyCon 2019 CTF Write Up

Cross Site Scripting (XSS) Payload Generator

CVE-2018-20319: Why you should always have two factor authentication on your VPN

CVE-2019-7315: Genie Access WIP3BVAF IP Camera Directory Traversal

Operational Security with PoshC2 Framework

EMEA

Americas

General Enquires

Social Media

Welcome to Nettitude Labs

EMEA

Americas

General Enquires

Social Media