GainSec

Where OSINT, Hacking, Penetration Testing, Privacy, Piracy, Information Security, Cyber Security and Law are a lifestyle.

Tag: Web Application Penetration Test

CVE-2022-34615, CVE-2022-34621, CVE-2022-34623, CVE-2022-34624 – IDOR, User Enum and More (In Mealie)

Multiple new CVEs discovered and disclosed! IDOR, User Enum, invalid session termination and a weak password policy!

gainsec | CVE, Information Security | August 19, 2022

CVE-2022-35142, CVE-2022-35143, CVE-2022-35144 – DoS, XSS and Weak Password Policy in Renato a Markdown powered knowledge base

Multiple new CVEs discovered and disclosed! XSS, DoS and a weak password policy!

gainsec | CVE, Web Application Pen Testing | August 4, 2022

CVE-2022-34613, CVE-2022-34618, CVE-2022-34619 – Multiple XSS (And more) in Mealie

Multiple new CVEs discovered and disclosed! XSS, file uploads and more!

gainsec | CVE, Web Application Pen Testing | August 2, 2022

CVE-2022-34009

Denial of Service discovered against Fossil SCM when running on Windows boxes.

gainsec | CVE, Web Application Pen Testing | July 27, 2022 / July 29, 2022

CLI Web Discovery Alternative to Dirb, Dirsearch, Etc

A great alternative to have for web discovery during web app pen tests or bug bounties.

gainsec | Bug Bounty, Web Application Pen Testing | March 21, 2022 / March 20, 2022

Using the WayBack Machine to create parameter wordlists

A tool to create parameter wordlists for any domain (and its subdomains) via the Internet Archive (Wayback Machine)!

gainsec | External Penetration Tests, Web Application Pen Testing | March 7, 2022

Insanely powerful wordlist generator – MUST HAVE for Web App Pen Tests and Bug Bounties

Extremely useful and impressive wordlist generator and much more; cook.

gainsec | Bug Bounty, Web Application Pen Testing | March 1, 2022 / February 20, 2022

WAF Payload Generator for Web App Pen Tests + Bug Bounty

Tool for bypassing WAFs using permutations and combinations of the payloads you already have.

gainsec | Web Application Pen Testing | February 27, 2022 / February 20, 2022

Holy Smokes Batman! Another big repo of Bug Bounty Reports, Cheat sheets, Checklists and more!

Another Repo of Web Application and API Bug Bounty, Penetration test and security assessment documents, reports and more!

gainsec | API Penetration Testing, Web Application Pen Testing | February 25, 2022 / February 20, 2022

Custom Formula CSV XLS XLSX Injection Wordlist

Created my own Formula/CSV/XLS/XLSX formula injection wordlist and added it to TreeHouse wordlists!

gainsec | TreeHouse Wordlists, Web Application Pen Testing | February 21, 2022 / February 19, 2022
