XSS

Analysis on malware imposing as adult content of Nepali celebrity
Venus Chhantel
March 20, 2023

Analysis on malware imposing as adult content of Nepali celebrity

Table Of Contents Background Analysis MITRE ATT&CK TTP Further Findings Indicator of Compromise (IoC) Recommendations Background In the recent month, there is misinformation circulating concerning leaks of private video of Nepali female celebrities.

Read More
Signature Malleability Vulnerabilities in Smart Contracts
Aayushman Thapa Magar
October 30, 2022

Signature Malleability Vulnerabilities in Smart Contracts

Table Of Contents Foreword Contents Cryptography Basics Hashing Encryption Digital Signature Cryptography in Ethereum Elliptic Curve Cryptography Overview Point Addition Scalar Multiplication Key generation Signatures in Ethereum ECRECOVER Overview Security Risk Mitigation Measure References Foreword This is third in a series of articles on vulnerabilities that smart contracts are susceptible to.

Read More
Re-entrancy Vulnerabilities in Smart Contracts
Aayushman Thapa Magar
October 5, 2022

Re-entrancy Vulnerabilities in Smart Contracts

Table Of Contents Foreword Contents Re-entrancy Overview Security Risk Example Identification techniques Mitigation measures References Foreword This is second in a series of articles on vulnerabilities that smart contracts are susceptible to.

Read More
Transaction Order Dependence Vulnerabilities on Smart Contracts
Aayushman Thapa Magar
October 4, 2022

Transaction Order Dependence Vulnerabilities on Smart Contracts

Table Of Contents Foreword Table of Contents Transaction Order Dependence Overview Introduction Ethereum mempool Security Risk Example Identification Techniques Mitigation Measures References Foreword This work is first in the series of articles on vulnerabilities that smart contracts are susceptible to.

Read More
leveraging the SQL Injection to Execute the XSS by Evading CSP
Nirmal Dahal
July 12, 2022

leveraging the SQL Injection to Execute the XSS by Evading CSP

Although it sounds silly, I am dumb enough to do this.

Read More
International standard for information security (ISO) - 27001
Yojan Dhakal
April 17, 2022

International standard for information security (ISO) - 27001

Table Of Contents ISO 27001 Introduction About ISMS Needs of ISMS How ISO 27001 work?

Read More
A Pentester's Prespective: SWIFT Vulnerability Assessment
Niraj Kharel
April 8, 2022

A Pentester's Prespective: SWIFT Vulnerability Assessment

Table Of Contents Local SWIFT Infrastructure Operators Operators PCs Data Exchange Layer Middleware Server Architecture Assessment Approaches Approach - I Approach - II What should a tester look for while using this approach?

Read More