CVE-2022-25026 & CVE-2022-25027: Vulnerabilities in Rocket TRUfusion Enterprise 4 Jan 2023 Nettitude recently conducted a penetration test for a customer who used Rocket TRUfusion Enterprise within their external infrastructure.... Read more
Avoiding Detection with Shellcode Mutator 21 Dec 2022 Today we are releasing a new tool to help red teamers avoid detection. Shellcode is a small piece... Read more
CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated... 14 Dec 2022 About 18 months ago, I was conducting a pentest of a document management platform. It was designed with... Read more
What is Cybersquatting? 9 Nov 2022 Cybersquatting is the act of registering a domain name which looks similar to a target domain in order... Read more
How Circle Banned Tornado Cash Users 28 Sep 2022 Tornado Cash is an open-source, decentralised cryptocurrency mixer. Using zero-knowledge proofs, this mixes identifiable funds with others, obscuring... Read more
CVE-2021-44076: Cross-Site Scripting (XSS) in CrushFTP 14 Sep 2022 During the course of our work, Nettitude have identified a stored Cross-Site Scripting (XSS) vulnerability within the CrushFTP... Read more
Network Relaying Abuse in a Windows Domain 31 Aug 2022 Network relaying abuse in the context of a legacy Windows authentication protocol is by no means a novel... Read more
CVE-2022-30211: Windows L2TP VPN Memory Leak and Use after... 17 Aug 2022 Nettitude discovered a Memory Leak turned Use after Free (UaF) bug in the Microsoft implementation of the L2TP... Read more
Offensive Security: From OSCE to OSCE3 8 Aug 2022 OSCE3 (Offensive Security Certified Expert 3) is a certification from Offensive Security which has replaced the (now retired)... Read more
CVE-2022-24004 & CVE-2022-24127: Vanderbilt REDCap - Stored Cross Site... 15 Jun 2022 Nettitude identified two stored Cross Site Scripting (XSS) vulnerabilities within Vanderbilt REDCap. These have been assigned CVE-2022-24004... Read more
Best seller New Price from Limited availability Course type Course length Dates and location x *PLEASE NOTE: Course is available in more countries, languages and dates*