Projects

There are a few projects GainSec have and are currently developing:

Chickenpete

Golden Nuggets

A Burp Plugin enabling a one click solution for instantly creating URI, URI Param and Single Word Wordlists from any selected Domains in Burp Suite.

Link HERE

68747470733a2f2f7669676e657474652e77696b69612e6e6f636f6f6b69652e6e65742f6b6e642f696d616765732f652f65622f4b6964735f4e6578745f446f6f725f4d6f6f6e626173652e6a70672f7265766973696f6e2f6c6174657374

Tree House Wordlists

Wordlist Project meant to add-on to the popular FuzzDB, SecLists, Blasting Dictionary, PayloadAllTheThings and more!

Link HERE

Hackers LunchBox

A collection of Finding/Vulnerability/Attack Path/Exploit Mind Maps meant to assist in more findings, better vulnerability chains and a clearer path of how and where to test, look and leverage what you’re encountering during an engagement.

Link HERE

download

 Proof of Concept (PoC) for CVE: 2017-16744 and 2017-16748

A PoC script to check if a certain tridium niagara installation is vulnerable to either vulnerablity

Link HERE

mousejack

Weaponized Mousejack and Keysniff Vulnerabilities

A python script for the Crazy Radio USB Dongle that weaponized the Mousejack and Keysniff Vulnerabilities as well as creating a DB with the information gathered from running

Link HERE

Screen Shot 2020-05-06 at 11.43.09 PM

Dorker

A python CLI to assist in your search engine dorking! Just input what you’re looking for and let it format the dorks for you!

Link HERE

Contributions to SecLists

Although I’m not one of the maintainers of SecLists I did contribute five wordlists (so far!) to SecLists.

Link HERE

Contributed to LeakLooker-X

I’m not the creator of LeakLooker-X but I did contribute a few minor fixes!

Link HERE

CVE – Rbcafe

CVES Discovered

Although they’re included in the press page found HERE.

I figured I would include list here as well. Here is the list of CVEs I’ve discovered!

More Coming Very Soon!