Research

NPM Package Confusion

Supply Chain

In this article I will demonstrate how an organization exposed themselves to an NPM package takeover. Vulnerability:...

Analysis of Malicious Phishing Email

Malware Analysis

A while back I worked an incident for a company which stemmed from a phishing email. When I start working incidents...

CSRF to Account Takeover

Web Apps

My wife and I are regulars at a popular boutique fitness studio which, as all things must, comes with a web app. So...

Adversary Levels

Enterprise Operations

1. Level 1 – Common Adversary: This level of adversary is the lowest level tier. Most adversaries at this level are...

ASX to MP3 Converter Buffer Overflow with DEP Bypass – ROP Chains

Exploit Development

First we can use mona.py to identify gadgets and compute potential ROP chains..<snip>..Check mona’s output...

ASX to MP3 Converter Buffer Overflow

Exploit Development

Upon opening the provided exploit file, fuzzing.asx, in Notepad++, it’s clear there is some sort of file formatting...

Bug Bounty

Enterprise Operations

There are countless resources out there on participating in Bug Bounty programs from a researcher's perspective....

Copyright © 2023 – Black Cat Security. All Rights Reserved.