LRQA Cyber Labs

Calling all Red Teamers 🚨 Today we are introducing Tartarus-TpAllocInject, a new OPSEC-safe loader and technique for bypassing EDR solutions, by @trickster012 labs.nettitude.com/blog/creating-…

🚨 CVE-2025-5333: Critical RCE vulnerability in Broadcom Symantec Endpoint Management Suite discovered by LRQA's Lefteris Panos during a recent red team engagement. Our latest Cyber Labs article includes a technical walkthrough and mitigation guidance. lrqa.com/en/cyber-labs/…

Today we are releasing TokenCert, a C# tool that will create a network token using a provided certificate via PKINIT, by @lefterispan This is useful for Red Teams giving make-token functionality with certificates instead of passwords. github.com/nettitude/Toke…

Today we are releasing fix-stomped-imports, a plugin for Binary Ninja which allows vulnerability researchers to reconstruct malware with stomped headers. labs.nettitude.com/blog/binary-ni… We recently used this during an incident to reverse engineer a sample of WhiteRabbit ransomware, as…

Physical Security Testers 🔒 Learn about an easy-to-use tool for capturing and cloning employee RFID badges, in our latest Labs post. #InfoSec #CyberSecurity labs.nettitude.com/blog/this-badg…

Starting the reverse engineering process from scratch every time a new software version is released? Find out how to use Ghidra's Version Tracking tool in our latest Labs post, by @ByteInsight labs.nettitude.com/blog/version-t…

🚨We have just opened up our next Red Team Training course, in October! Sign up here: labs.nettitude.com/training/advan…

Need to emulate firmware to test the security of a device? In our latest Labs post, we show how to use Qiling to emulate the firmware of a wireless travel router, by @ByteInsight. labs.nettitude.com/blog/emulation…

🚨 CVE-2024-20356: Command Injection in Cisco's CIMC, discovered by LRQA Nettitude's @thackeraaron. Full technical details and exploit toolkit are included in our latest Labs article below. #CVE #Cisco #Exploit labs.nettitude.com/blog/cve-2024-…

Analysis of CVE-2024-31497: A signature generation flaw in a popular Windows SSH client, PuTTY, leaks user's private SSH keys. labs.nettitude.com/blog/flaw-in-p…

Introducing SharpConflux, a .NET tool built to facilitate Confluence exploration during Red Team engagements. Find out more and download SharpConflux in our latest LRQA Nettitude Labs article. labs.nettitude.com/blog/introduci…

CVE-2024-25153: Remote Code Execution vulnerability in Fortra FileCatalyst. Full exploit and technical details included in our latest Labs post. labs.nettitude.com/blog/cve-2024-…

Introducing Yasha - Yet Another Security Header Analyser! Get accurate results from across an entire web application, rather than just scanning a single page. labs.nettitude.com/blog/introduci…

Dive into the world of Artificial Intelligence prompt injections with BloreBank Chatbot, an interactive game designed to challenge your skills and knowledge! Perfect for anyone keen on understanding the security implications of AI. labs.nettitude.com/blog/blorebank/

Congratulations to @ByteInsight who was successful with his exploit against the ChargePoint Home Flex at Pwn2Own Tokyo!

Great post on a red team loader technique but also has good coverage of bad OPSEC labs.nettitude.com/blog/creating-…