Great post on a red team loader technique but also has good coverage of bad OPSEC labs.nettitude.com/blog/creating-…

Congratulations to Byte Insight who was successful with his exploit against the ChargePoint Home Flex at Pwn2Own Tokyo!

Dive into the world of Artificial Intelligence prompt injections with BloreBank Chatbot, an interactive game designed to challenge your skills and knowledge! Perfect for anyone keen on understanding the security implications of AI. labs.nettitude.com/blog/blorebank/

Introducing Yasha - Yet Another Security Header Analyser! Get accurate results from across an entire web application, rather than just scanning a single page. labs.nettitude.com/blog/introduci…

CVE-2024-25153: Remote Code Execution vulnerability in Fortra FileCatalyst. Full exploit and technical details included in our latest Labs post. labs.nettitude.com/blog/cve-2024-…

Introducing SharpConflux, a .NET tool built to facilitate Confluence exploration during Red Team engagements. Find out more and download SharpConflux in our latest LRQA Nettitude Labs article. labs.nettitude.com/blog/introduci…

Analysis of CVE-2024-31497: A signature generation flaw in a popular Windows SSH client, PuTTY, leaks user's private SSH keys. labs.nettitude.com/blog/flaw-in-p…

🚨 CVE-2024-20356: Command Injection in Cisco's CIMC, discovered by LRQA Nettitude's thackeraaron. Full technical details and exploit toolkit are included in our latest Labs article below. #CVE #Cisco #Exploit labs.nettitude.com/blog/cve-2024-…

Need to emulate firmware to test the security of a device? In our latest Labs post, we show how to use Qiling to emulate the firmware of a wireless travel router, by Byte Insight. labs.nettitude.com/blog/emulation…

🚨We have just opened up our next Red Team Training course, in October! Sign up here: labs.nettitude.com/training/advan…

Starting the reverse engineering process from scratch every time a new software version is released? Find out how to use Ghidra's Version Tracking tool in our latest Labs post, by Byte Insight labs.nettitude.com/blog/version-t…

Physical Security Testers 🔒 Learn about an easy-to-use tool for capturing and cloning employee RFID badges, in our latest Labs post. #InfoSec #CyberSecurity labs.nettitude.com/blog/this-badg…

Today we are releasing fix-stomped-imports, a plugin for Binary Ninja which allows vulnerability researchers to reconstruct malware with stomped headers. labs.nettitude.com/blog/binary-ni… We recently used this during an incident to reverse engineer a sample of WhiteRabbit ransomware, as

Today we are releasing TokenCert, a C# tool that will create a network token using a provided certificate via PKINIT, by Lefteris Panos This is useful for Red Teams giving make-token functionality with certificates instead of passwords. github.com/nettitude/Toke…

🚨 CVE-2025-5333: Critical RCE vulnerability in Broadcom Symantec Endpoint Management Suite discovered by LRQA's Lefteris Panos during a recent red team engagement. Our latest Cyber Labs article includes a technical walkthrough and mitigation guidance. lrqa.com/en/cyber-labs/…