Skip to content
GainSec

GainSec

Where OSINT, Hacking, Penetration Testing, Privacy, Piracy, Information Security, Cyber Security and Law are a lifestyle.

  • Home
  • Projects
  • Shop
  • Services
  • Press
  • Inquiries
  • About Me
  • Archives
  • FAQ
  • Cart
  • $0.00 0 items

Category: Penetration Testing

Protected: Hardcoded Credentials/Weak Password Policies

There is no excerpt because this is a protected post.

gainsec Android Hacking, CVE, Hacking Android, Mobile Penetration Testing, Pentesting Android August 7, 2022August 7, 2022

How I found 15 CVEs in 3 nights and how YOU can too.

My explanation of how I found 15 CVEs in 3 nights and my tips on how you can too!

gainsec API Penetration Testing, Cloud Penetration Testing, CVE, External Penetration Tests, Information Security, iOS Penetration Testing, Mobile Penetration Testing, Web Application Pen Testing Leave a comment August 6, 2022August 8, 2022

CVE-2022-35142, CVE-2022-35143, CVE-2022-35144 – DoS, XSS and Weak Password Policy in Renato a Markdown powered knowledge base

Multiple new CVEs discovered and disclosed! XSS, DoS and a weak password policy!

gainsec CVE, Web Application Pen Testing Leave a comment August 4, 2022August 4, 2022

CVE-2022-34613, CVE-2022-34618, CVE-2022-34619 – Multiple XSS (And more) in Mealie

Multiple new CVEs discovered and disclosed! XSS, file uploads and more!

gainsec CVE, Web Application Pen Testing Leave a comment August 2, 2022August 2, 2022

CVE-2022-34625 – Server-Side Template Injection to Remote Code Execution (SSTI) to (RCE) in Mealie – A lesson in patience

A detailed walkthrough of CVE-2022-34625 aka a Server-Side Template Injection (SSTI) to Remote Code Execution (RCE)

gainsec CVE, Web Application Pen Testing Leave a comment August 2, 2022August 2, 2022

Azure Cloud Pen Testing Software Suite

A great collection of scripts for attacking and defending Azure environments. Perfect for any azure cloud security assessment, audit or penetration test.

gainsec Azure Penetration Testing, Cloud Penetration Testing Leave a comment April 15, 2022April 14, 2022

Should I add this Repo to TreeHouse Wordlists?

You tell me what you think of this wordlist repo? Is it worth adding?

gainsec TreeHouse Wordlists Leave a comment April 5, 2022April 4, 2022

CLI Web Discovery Alternative to Dirb, Dirsearch, Etc

A great alternative to have for web discovery during web app pen tests or bug bounties.

gainsec Bug Bounty, Web Application Pen Testing Leave a comment March 21, 2022March 20, 2022

All in One RF/HID reader/writer smaller then the ProxMark?!

A great and useful device for any physical penetration test or hardware hacking engagement.

gainsec Hardware, Physical Penetration Test, Physical Security Leave a comment March 17, 2022March 16, 2022

An Azure AD Recon and Exploitation Framework

A toolset for performing recon and exploiting an Azure AD instance.

gainsec Azure Penetration Testing, Cloud, Cloud Penetration Testing Leave a comment March 5, 2022March 4, 2022

Posts navigation

Older posts

Twitter Feed

My Tweets

Follow Us

  • GitHub
  • Twitter
  • Instagram
  • Tumblr
  • Pinterest
  • LinkedIn
  • YouTube
  • LinkedIn
  • Twitch
  • Facebook
  • Etsy
 

Loading Comments...