Welcome to Nettitude Labs - LRQA Nettitude Labs

Zenbleed – AMD Side-Channel Attack Targets Vectorised Functions

This article provides a technical analysis of Zenbleed, a side-channel attack affecting all AMD Zen 2 processors. Tavis Ormandy reported this vulnerability to AMD on 15 May 2023 and it was assigned CVE-2023-20593. The vulnerability [...]

By Graham Sutherland|August 30, 2023|

LRQA Nettitude’s Approach to Artificial Intelligence

The exploding popularity of AI and its proliferation within the media has led to a rush to integrate this incredibly powerful technology into all sorts of different applications. What remains unclear though is the potential [...]

By David Parsons and Jakub Partyka|July 5, 2023|

Flipper Zero Experiments – Sub-GHz

“The quieter you become, the more you are able to hear.” This is the tagline associated with Kali Linux, a Linux distribution used by security researchers, penetration testers, and hackers alike. In the context of [...]

By Dalton Wright|June 5, 2023|

ETWHash – “He who listens, shall receive”

ETWHash is a small C# tool used during Red Team engagements, that can consume ETW SMB events and extract NetNTLMv2 hashes for cracking offline, unlike currently documented methods. GitHub: https://github.com/nettitude/ETWHash Microsoft ETW (Event Tracing for [...]

By Lefteris Panos|May 3, 2023|

Creating an IR Nightmare Drop Box

A common objective of physical assessments is placement of a drop box to establish communication out of the network environment. A few years ago, the choices were limited to NUC or a Raspberry PI type [...]

By Patrick Matthews|April 21, 2023|