So here are some links I’ve found mentioning GainSec or myself.
Check out one of my security research papers published in the latest issue of Phrack! – Link
Note: I’m actively searching for the News Segment video I was in while I was at Leet Cyber Security, if you have a recording please send it my way!
This is the video I’m looking for.
Know of one I didn’t find?
Please send it to info@gainsec.com!
Multiple Links relating to my first two CVEs I discovered, CVE-2017-16744 and CVE-2017-16748 – US-CERT Advisory – SecurityFocus – NIST 1 – NIST 2 – VulDB 1 – VulDB 2 – Blog Post
CVE-2017-16744 – Blog Post
CVE-2017-16748 – Blog Post
CVE-2022-34613 – Blog Post
CVE-2022-34618 – Blog Post
CVE-2022-34619 – Blog Post
CVE-2022-34625 – Blog Post
CVE-2022-34009 – Blog Post
CVE-2022-35142 – Blog Post
CVE-2022-35143 – Blog Post
CVE-2022-35144 – Blog Post
CVE-2022-34108 – Blog Post
CVE-2022-34615 – Blog Post
CVE-2022-34621 – Blog Post
CVE-2022-34623 – Blog Post
CVE-2022-34624 – Blog Post
CVE-2022-34109 – Blog Post
CVE-2022-34110 – Blog Post
CVE-2022-37857 – Blog Post
CVE-2022-37164 – Blog Post
CVE-2022-37163 – Blog Post
CVE-2024-32210 – Blog Post
CVE-2024-32211 – Blog Post
CVE-2024-32212 – Blog Post
CVE-2024-32213 – Blog Post
CVE-2025-25730 – Blog Post
CVE-2025-25727 – Blog Post
CVE-2025-25728 – Blog Post
CVE-2025-25729 – Blog Post
CVE-2025-47818 – Blog Post
CVE-2025-47819 – Blog Post
CVE-2025-47820 – Blog Post
CVE-2025-47821 – Blog Post
CVE-2025-47822 – Blog Post
CVE-2025-47823 – Blog Post
CVE-2025-47824 – Blog Post
CVE-2025-25732 – Blog Post (TBD)
CVE-2025-25733 – Blog Post (TBD)
CVE-2025-25734 – Blog Post (TBD)
CVE-2025-25735 – Blog Post (TBD)
CVE-2025-25736 – Blog Post (TBD)
CVE-2025-25737 – Blog Post (TBD)
CVE-2025-25738 – Blog Post – Not Published Yet
Post I made via my previous day Job about my 2017 CVEs – Link
Albany NY Magazine Article – Link
Archive of New Segment I was in during my time at Leet (Looking for the video that went along with this segment!!) – Preview Link – Full Article (Minus the Video)
Alumni Story from Herkimer Community College (HCC) – Link
Full spread from Herkimer Alumni Connections Magazine – Mirror – Link
Featured under the Cyber Security Degree Listing of HCC – Link
Quoted and mentioned on the SUNY Online Cyber Security Program Listing – Link – Mirror
Archive of IronGeek Links from ANYCon – Link
Interview with Security Weekly – Link – GainSec Reupload
Lecture posted on IronGeek.com – Link – GainSec Reupload
Lecture from ANYCon posted by Leet Cyber Security – Link – Link 2 – GainSec Reupload
Lecture From CyBEER posted by Leet Cyber Security – Link – GainSec Reupload
Link-Base Listings – Link – Mirror
STOK – YouTube – GainSec GoldenNuggets Shoutout – Link
InfoSec Pat – YouTube – Nerd Talk week 10 – Link
InfoSec Pat – YouTube – Nerd Talk week 12 – Link
Swiping Sunday Podcast – Featuring GainSec – Link
Execs Need Less Talk, More Action on Software Security – Link
Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports – Mirror – Link
NTFS Support in new Linux kernel promises to make new release more cryptographically sound – Link
Report highlights cybersecurity dangers of Elastic Stack implementation mistakes –Mirror – Mirror – Mirror – Mirror – Link
Widespread Elastic stack API security vulnerability – Link
Easily exploited Elastic Stack API security flaw exposes data – Link
‘Trojan Source’ a Threat to All Source Code, Languages – Link
Industry Reactions to New ‘Trojan Source’ Attack: Feedback Friday – Link
3 Ways to Deal With the Trojan Source Attack – Link
‘Trojan Source’ technique can inject malware into source code without detection – Link
‘Trojan Source’ Hides Invisible Bugs in Source Code – Link
Why VMware Horizon became a ‘top choice’ for Log4j attacks – Link – Mirror – Mirror – Mirror
Threat actors target MFA token via man-in-the-middle attacks – Link
Increasing Adoption of Phishing Kits Puts MFA at Risk – Link – Mirror
How to Find a Data Leak in 50 Easy Steps (Blog post from my day job) – Link
Microsoft: Key Office apps will block macros by default – Link
Microsoft Blocks VBA Macros by Default, Temporarily Shuts Down MSIX Protocol – Link
Nearly 50% of all SaaS-to-SaaS integrations sit unused following a failed POC effort – Link
Messaging Apps That Are Secure: Signal vs. WhatsApp – Link
Reddit Mentions – Link 1
12 Best Social Engineering Books of All Time – Link
Metasploit Payload Injection By using Raspberry Pico Pi – Link
#OSINT_2020-08-29_08-55-29.xlsx (experimental version) – Link
Article Published in IntelTechniques (Michael Bazzell) Unredacted Magazine (pg. 34) – Link
Lectured at DefCon Paris: Cheap ‘n’ Easy Phishing (That Actually Works) which covers how I compromised a trillion dollar organization via phishing for under $150 – Link – Defcon Paris Blog Link
Hacking Fortune 100 Companies For A Living With Jon Gaines – Link
Lectured at DefCon Paris: Academic Degrees vs Certifications vs CVEs – Link
Talk about Thick Client Pentesting – Link
Featured Speaker at Legado Startup Event – Link
Q&A With Legado – Link
Lecture featured in learning plan – Link
Sourced for a technical Publication – Link
Referenced in Cloud GitHubRepo – Link
Class Central featured my lecture – Link
Marketing Article Mentioning CVE-2025-25730 – Link
Article (Likely AI Generated) about CVE-2025-25727 – Link
Article (Likely AI Generated) about CVE-2025-25729 – Link
Site that shows an old post of mine as an example – Link
Flock Safety’s PR statement about the vulnerabilities I shared with them – Link
Security Research Paper Published in Phrack – Link