LabsWe build innovative, sustainable solutions that solve real-world problems for our customers and ourselves.
What is Labs?Labs is a small team at Praetorian doing big things. Our mission is to reliably build innovative and sustainable solutions that meaningfully solve real-world problems for ourselves and our customers. We're a small team making major impacts on the company and the industry. Our projects vary greatly, from developing new product and service capabilities to meet emerging customer needs to providing subject matter expertise and advise and assist operations to our product, engineering, and services teams.
Recent ProjectsFrom product support to building out radical new technologies, we approach projects that align with our company strategy, with the speed and ambition of a startup.
What’s New at Praetorian LabsWhat catches our attention? Game changing ideas and advancements with the potential for a 10X impact on the world’s most challenging problems.What We’re Reading January 1, 2021Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection: Obfuscation, Watermarking, and Tamperproofing for Software ProtectionNot for the faint at heart, but this book offers thorough, scholarly coverage of an area that is growing in importance in cybersecurity Christian Collberg's take on Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection: Obfuscation, Watermarking, and Tamperproofing for Software Protection New campaign targeting security researchers Google Top 10 web hacking techniques of 2020 - nominations open PortSwigger Our Writings MeshCentral Cross-Site Websocket Hijacking Vulnerability (CVE-2024-26135)Overview In this article we discuss a recent cross-site websocket hijacking (CSWSH) vulnerability that we identified in MeshCentral, a web-based remote monitoring and endpoint management solution. MITRE assigned the CVE identifier CVE-2024-26135. End users can use MeshCentral to install agents that communicate with a centralized server. The centralized server then allows users to perform remote […] Read more Exploiting Kubernetes through Operator InjectionIntro The Kubernetes documentation describes operators as “software extensions to Kubernetes that use custom resources to manage applications and their components.” These operators automate application resource deployment and management with custom controllers tied to one or more custom resource definitions. Custom controllers create bespoke attack surfaces that attackers can target when they can control custom resource data. […] Read more Relution Remote Code Execution via Java Deserialization VulnerabilityOverview In this article we discuss a recent deserialization vulnerability we found in Relution (CVE-2023-48178), a mobile device management product that is popular among multinational German corporations. CVE-2023-48178 can potentially lead to remote code execution and complete compromise of the MDM application and clients managed by the solution. The deserialization vulnerability exists in a component […] Read more View More
MeshCentral Cross-Site Websocket Hijacking Vulnerability (CVE-2024-26135)Overview In this article we discuss a recent cross-site websocket hijacking (CSWSH) vulnerability that we identified in MeshCentral, a web-based remote monitoring and endpoint management solution. MITRE assigned the CVE identifier CVE-2024-26135. End users can use MeshCentral to install agents that communicate with a centralized server. The centralized server then allows users to perform remote […] Read more
Exploiting Kubernetes through Operator InjectionIntro The Kubernetes documentation describes operators as “software extensions to Kubernetes that use custom resources to manage applications and their components.” These operators automate application resource deployment and management with custom controllers tied to one or more custom resource definitions. Custom controllers create bespoke attack surfaces that attackers can target when they can control custom resource data. […] Read more
Relution Remote Code Execution via Java Deserialization VulnerabilityOverview In this article we discuss a recent deserialization vulnerability we found in Relution (CVE-2023-48178), a mobile device management product that is popular among multinational German corporations. CVE-2023-48178 can potentially lead to remote code execution and complete compromise of the MDM application and clients managed by the solution. The deserialization vulnerability exists in a component […] Read more