Cyber Labs

I Don't Need a Badge - Lessons Learned from...

22 Mar 2023

A covert entry assessment is a physical security assessment in which penetration testers try to gain access to...

Exploiting Network Security Cameras: Understanding and Mitigating the Risks

15 Feb 2023

Security cameras are an important tool for protecting homes and businesses. While they provide valuable assurance for physical...

CVE-2022-25026 & CVE-2022-25027: Vulnerabilities in Rocket TRUfusion Enterprise

4 Jan 2023

Nettitude recently conducted a penetration test for a customer who used Rocket TRUfusion Enterprise within their external infrastructure....

Accelerator Program

1 Jan 2023

Do you want a job in cyber security but don’t know how to break into the industry? Tired...

Avoiding Detection with Shellcode Mutator

21 Dec 2022

Today we are releasing a new tool to help red teamers avoid detection. Shellcode is a small piece...

CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated...

14 Dec 2022

About 18 months ago, I was conducting a pentest of a document management platform. It was designed with...

What is Cybersquatting?

9 Nov 2022

Cybersquatting is the act of registering a domain name which looks similar to a target domain in order...

How Circle Banned Tornado Cash Users

28 Sep 2022

Tornado Cash is an open-source, decentralised cryptocurrency mixer. Using zero-knowledge proofs, this mixes identifiable funds with others, obscuring...

CVE-2021-44076: Cross-Site Scripting (XSS) in CrushFTP

14 Sep 2022

During the course of our work, Nettitude have identified a stored Cross-Site Scripting (XSS) vulnerability within the CrushFTP...

Network Relaying Abuse in a Windows Domain

31 Aug 2022

Network relaying abuse in the context of a legacy Windows authentication protocol is by no means a novel...

Tools

Tutorials

Blogs

Filter by

I Don't Need a Badge - Lessons Learned from...

Exploiting Network Security Cameras: Understanding and Mitigating the Risks

CVE-2022-25026 & CVE-2022-25027: Vulnerabilities in Rocket TRUfusion Enterprise

Accelerator Program

Avoiding Detection with Shellcode Mutator

CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated...

What is Cybersquatting?

How Circle Banned Tornado Cash Users

CVE-2021-44076: Cross-Site Scripting (XSS) in CrushFTP

Network Relaying Abuse in a Windows Domain

Error

No results found

Tools

Tutorials

Blogs

Training

Filter by

I Don't Need a Badge - Lessons Learned from...

Exploiting Network Security Cameras: Understanding and Mitigating the Risks

CVE-2022-25026 & CVE-2022-25027: Vulnerabilities in Rocket TRUfusion Enterprise

Accelerator Program

Avoiding Detection with Shellcode Mutator

CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated...

What is Cybersquatting?

How Circle Banned Tornado Cash Users

CVE-2021-44076: Cross-Site Scripting (XSS) in CrushFTP

Network Relaying Abuse in a Windows Domain

Error

No results found