How I Became A Penetration Tester
This series of blog posts was sparked from a recent internal discussion and is really just to learn how penetration testing individuals “got their start” or became interested with security, […]
Author: Brett DeWall
Access Without Mimikatz: Internal Monologue
Credential Access Without Mimikatz On a recent engagement, a client implemented multiple EDR solutions to prevent common ways of obtaining credentials either through Mimikatz or various LSASS memory dumping methods. […]
Bypassing Doors – Part 4: Compressed Air
Let’s bypass another REX sensor on a door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an […]
Bypassing Doors – Part 3: REX Sensor
Let’s bypass another door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an organization’s interior and exterior […]
Bypassing Doors – Part 2: DDT
Wondering how our White Oak Security pentesters open doors they don’t have access to? The Bypassing Doors blog series will demonstrate easy-to-use tools and techniques that can be utilized to […]
Bypassing Doors – Part 1: UTDT
Physical red team attacks are something we are passionate about at White Oak Security. Ever wonder how we open doors we don’t have access to? The Bypassing Doors blog series […]
Gophish Setup: Gandi – Part 2
Please review our Gophish – Part 1 blog to ensure you are ready to proceed with configuring Gophish with Gandi before proceeding with the following blog post below. In this […]
Bug Bounty Frustrations
Recently, the pentesters here at White Oak Security have run into some common frustrations regarding bug hunting on various platforms. These can be broken down into several categories – communication, […]
Server-Side Request Forgery Attack & Fix
SSRF Attack We recently came across a privilege escalation attack avenue during a web application / thick client penetration test. In this blog post, I will be talking about a […]
What’s In A Social Engineering Toolkit?
One of the many services that White Oak Security offers is Onsite Social Engineering. As a pentester, I have performed 50+ physical onsite social engineering engagements over my professional career […]