π Vulnerability Research with PinewoodSec
Exploring modern web security threats with practical demos and CVE deep dives.
π About the Project
PinewoodSec is our initiative to showcase real-world vulnerability research with hands-on demos. From authentication bypasses to file inclusion and RCEs, each lab is designed to help you learn through doing.
Whether you're a student or professional, PinewoodSec offers a practical way to explore CVEs, exploit chains, and secure coding practices.
π― Demo Objectives
- Understand CVE-2025-24813: Tomcat Path Equivalence RCE
- Learn to identify and exploit path traversal bugs
- Build your own vulnerable lab (PinewoodStore)
- Practice mitigation techniques in real code
Hello everyone, Today we would be discussing about Stored XSS and how this vulnerability is exploited by bad actors. We would also analyze vulnerable source code from PinewoodStore, a Vulnerable Web I...
I have created vulnerable web application using Front end react and backend spring boot. This test application web application is called PinewoodStore. Some of the vulnerabilities that have been intro...
I started using ChaptGPT just recently and i have been noticing that still has a long way to go from replacing Developers. That being said still has huge potential and can be great tool if you are wil...
The source most of server side Application vulnerabilities is the underlying source code that is being used to create this application. The first question that came to my mind how useful can ChatGPT b...
As part of source code analysis lab i was researching to see what ChatGPT offers as compliant source code to some of the well known vulnerabilities. The one i was researching was about creating an app...
In Level 5 of the Hacking game I decided to include very important step in all security assessments which is source code analysis. The main objective of the game remains the same which is third person...
As the journey continues on the pursuit of presenting Cybersecurity in gamified manner to make it easier for learn and also enjoy gaming on the side , another idea that came to my mind is actually to ...
Level 3 of this hacking game is created in City Scene and the difficult of the gameplay has been raised by introducing more blue team members who are defending a supermarket called “Pinewood Sup...
I am expanding on the third person shooter hacking game created with Unreal Engine. I have given it the name “DOOMSDAY HACKERS”. The gameplay for the LEVEL 2 challenge involves eliminating...
How the Idea came along to Design a Hacking Game ? As a cybersecurity professional we all had to keep ourselves updated with latest hacking trends whether to use it in Penetration testing job role or ...