There are a few projects GainSec have and are currently developing:
A Burp Plugin enabling a one click solution for instantly creating URI, URI Param and Single Word Wordlists from any selected Domains in Burp Suite.
Tree House Wordlists
Proof of Concept (PoC) for CVE: 2017-16744 and 2017-16748
A PoC script to check if a certain tridium niagara installation is vulnerable to either vulnerablity
Weaponized Mousejack and Keysniff Vulnerabilities
A python script for the Crazy Radio USB Dongle that weaponized the Mousejack and Keysniff Vulnerabilities as well as creating a DB with the information gathered from running
A python CLI to assist in your search engine dorking! Just input what you’re looking for and let it format the dorks for you!
Contributions to SecLists
Although I’m not one of the maintainers of SecLists I did contribute five wordlists (so far!) to SecLists.
Contributed to LeakLooker-X
I’m not the creator of LeakLooker-X but I did contribute a few minor fixes!
Although they’re included in the press page found HERE.
I figured I would include list here as well. Here is the list of CVEs I’ve discovered!
- CVE-2017-16744 – Blog Post
- CVE-2017-16748 – Blog Post
- CVE-2022-34613 – Blog Post
- CVE-2022-34618 – Blog Post
- CVE-2022-34619 – Blog Post
- CVE-2022-34625 – Blog Post
- CVE-2022-34009 – Blog Post
- CVE-2022-35142 – Blog Post
- CVE-2022-35143 – Blog Post
- CVE-2022-35144 – Blog Post
- CVE-2022-34108 – Blog Post Coming Soon!
- CVE-2022-34615 – Blog Post Coming Soon!
- CVE-2022-34621 – Blog Post Coming Soon!
- CVE-2022-34623 – Blog Post Coming Soon!
- CVE-2022-34624 – Blog Post Coming Soon!
- CVE-2022-34109 – Blog Post Coming Soon!
- CVE-2022-34110 – Blog Post Coming Soon!
More Coming Very Soon!