Skip to content
GainSec

GainSec

Where OSINT, Hacking, Penetration Testing, Privacy, Piracy, Information Security, Cyber Security and Law are a lifestyle.

  • Home
  • Projects
  • Shop
  • Services
  • Press
  • Inquiries
  • About Me
  • Archives
  • FAQ
  • Cart
  • $0.00 0 items

Protected: Hardcoded Credentials/Weak Password Policies

There is no excerpt because this is a protected post.

gainsec Android Hacking, CVE, Hacking Android, Mobile Penetration Testing, Pentesting Android August 7, 2022August 7, 2022

How I found 15 CVEs in 3 nights and how YOU can too.

My explanation of how I found 15 CVEs in 3 nights and my tips on how you can too!

gainsec API Penetration Testing, Cloud Penetration Testing, CVE, External Penetration Tests, Information Security, iOS Penetration Testing, Mobile Penetration Testing, Web Application Pen Testing Leave a comment August 6, 2022August 8, 2022

CVE-2022-35142, CVE-2022-35143, CVE-2022-35144 – DoS, XSS and Weak Password Policy in Renato a Markdown powered knowledge base

Multiple new CVEs discovered and disclosed! XSS, DoS and a weak password policy!

gainsec CVE, Web Application Pen Testing Leave a comment August 4, 2022August 4, 2022

CVE-2022-34613, CVE-2022-34618, CVE-2022-34619 – Multiple XSS (And more) in Mealie

Multiple new CVEs discovered and disclosed! XSS, file uploads and more!

gainsec CVE, Web Application Pen Testing Leave a comment August 2, 2022August 2, 2022

CVE-2022-34625 – Server-Side Template Injection to Remote Code Execution (SSTI) to (RCE) in Mealie – A lesson in patience

A detailed walkthrough of CVE-2022-34625 aka a Server-Side Template Injection (SSTI) to Remote Code Execution (RCE)

gainsec CVE, Web Application Pen Testing Leave a comment August 2, 2022August 2, 2022

CVE-2022-34009

Denial of Service discovered against Fossil SCM when running on Windows boxes.

gainsec CVE, Web Application Pen Testing Leave a comment July 27, 2022July 29, 2022

How to Find the next BIG Data Leak in under 20 minutes or less! – LeakLooker-X – Updated 2022

An update to my tutorial for installing and running LeakLooker-X working properly with current versions of Kali Linux and Celery.

gainsec Uncategorized Leave a comment May 2, 2022May 1, 2022

Azure Cloud Pen Testing Software Suite

A great collection of scripts for attacking and defending Azure environments. Perfect for any azure cloud security assessment, audit or penetration test.

gainsec Azure Penetration Testing, Cloud Penetration Testing Leave a comment April 15, 2022April 14, 2022

Should I add this Repo to TreeHouse Wordlists?

You tell me what you think of this wordlist repo? Is it worth adding?

gainsec TreeHouse Wordlists Leave a comment April 5, 2022April 4, 2022

The Hacker’s Search Engine

An all-in-one "hacker" search engine

gainsec Security Research Leave a comment March 25, 2022March 24, 2022

Posts navigation

Older posts

Twitter Feed

My Tweets

Follow Us

  • GitHub
  • Twitter
  • Instagram
  • Tumblr
  • Pinterest
  • LinkedIn
  • YouTube
  • LinkedIn
  • Twitch
  • Facebook
  • Etsy
 

Loading Comments...