How To Pick A Tubular Lock
Tubular Lock The tubular lock has many different names including: circle pin tumbler lock, radial lock, or ace lock. The tubular lock consists of multiple stacks of pins in a […]
Author: Brett DeWall
How I Became A Penetration Tester
This series of blog posts was sparked from a recent internal discussion and is really just to learn how penetration testing individuals “got their start” or became interested with security, […]
Access Without Mimikatz: Internal Monologue
Credential Access Without Mimikatz On a recent engagement, a client implemented multiple EDR solutions to prevent common ways of obtaining credentials either through Mimikatz or various LSASS memory dumping methods. […]
Bypassing Doors – Part 4: Compressed Air
Let’s bypass another REX sensor on a door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an […]
Bypassing Doors – Part 3: REX Sensor
Let’s bypass another door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an organization’s interior and exterior […]
Bypassing Doors – Part 2: DDT
Wondering how our White Oak Security pentesters open doors they don’t have access to? The Bypassing Doors blog series will demonstrate easy-to-use tools and techniques that can be utilized to […]
Bypassing Doors – Part 1: UTDT
Physical red team attacks are something we are passionate about at White Oak Security. Ever wonder how we open doors we don’t have access to? The Bypassing Doors blog series […]
Gophish Setup: Gandi – Part 2
Please review our Gophish – Part 1 blog to ensure you are ready to proceed with configuring Gophish with Gandi before proceeding with the following blog post below. In this […]
Bug Bounty Frustrations
Recently, the pentesters here at White Oak Security have run into some common frustrations regarding bug hunting on various platforms. These can be broken down into several categories – communication, […]
Server-Side Request Forgery Attack & Fix
SSRF Attack We recently came across a privilege escalation attack avenue during a web application / thick client penetration test. In this blog post, I will be talking about a […]