Black Lantern Security (BLSOPS)

TecCom TecConnect 4.1 XML External Entity (XXE)

CVE-2025-10183

Sep 9 • 

Kyle Griffin

3

June 2025

Doomla! Zero Days

Discovery and Exploitation of two Zero Days from the perspective of a first year Penetration Tester.

Jun 11 • 

Jack Pas

3

1

May 2025

ASP.NET Cryptography for Pentesters

This article was originally posted to blog.liquidsec.net on June 1, 2021.

May 2 • 

Paul Mueller

April 2025

How to Eat an Entire Elephant

Scanning the Internet with BBOT

Apr 18 • 

Micheal Reski

, 

Paul Mueller

, and 

TheTechromancer

3

March 2025

CVE-2025-1888—Reflected XSS in Aperio Eslide Manager

The Aperio Eslide Manager application is vulnerable to reflected cross-site scripting (XSS), which primarily affects the Leica Web Viewer within the…

Mar 14 • 

Mark Gaddy

Tool Release: Webcap

An ultra-lightweight web screenshot tool with advanced features.

Mar 3 • 

TheTechromancer

August 2024

BBOT 2.0 - Release Announcement

The recursive internet scanner gets an upgrade

Aug 9, 2024 • 

TheTechromancer

4

July 2024

Detecting Process Injection

Evasion Techniques and Detection Strategies for Memory-Resident Malware

Jul 16, 2024 • 

Adeem Mawani

May 2024

Introducing BadDNS

Black Lantern Security is publicly releasing our new Python DNS auditing tool, BadDNS.

May 15, 2024 • 

Paul Mueller

2

September 2023

XSS and SQLi in Forecast® by Tideworks

Tideworks: CVE-2022-43112 & CVE-2022-43115: Forecast® (10.10.0.13153)

Sep 19, 2023 • 

Jacob Holvick

August 2023

Subdomain Enumeration Tool Face-off - 2023 Edition

Benchmarking the industry's top subdomain enumeration tools

Aug 7, 2023 • 

TheTechromancer

4

BBOT - DEF CON Tool Release

BBOT 1.1.0 is here, and with it some exciting new developments!

Aug 7, 2023 • 

TheTechromancer

1