Insecure Password Reset
Brett uncovers an insecure password reset during a pentest, this post will go through the password reset functionality, what went wrong, & how to fix this issue.
Author: Brett DeWall
Installation & Use Of TestSSL.sh Tool
Discover how to use, configure, & install one of White Oak Security’s penentration testers, Brett DeWall’s favorite (& free) pentesting tools, TestSSL.sh.
Invisible Data in Web App Pentesting – Don’t Believe Everything You See
Don’t believe everything you see! Invisible or hidden data in web application pentesting could be revealing details like SSNs, like in this example by White Oak.
How To Root A Google Pixel 4a
Brett DeWall (one of our pentesters) is back at it again, with White Oak Security’s new blog – a guide on how to root a Google Pixel 4a Smartphone. Learn how…
Skim Job: Skimming Your Way In
Skim Job is White Oak Security’s RFID skimmer project, discover how we did this social engineering RFID security attack of skimming our way into client buildings.
RFID – A Social Engineers Best Friend – part 2 (Bruteforce)
In a previous blog post I talked about downloading, installing, and using the Proxmark3 for social engineering engagements. This post will build off of the content discussed previously and walk […]
Let’s Talk Wireless Pentesting Equipment
It seems like more and more often I get asked what equipment I utilize for performing wireless penetration tests (802.11 wireless networking). In this post I will talk about the […]
Interesting Take Over Situations (part 2 – Zerologon)
This blog post will walk through utilizing publicly available exploit code to compromise a network through Zerologon.
Interesting Take Over Situations (part 1)
In this blog series coworkers and I will be performing a walkthrough of interesting domain take overs that have occurred during pentest engagements. The first part to this series occurred […]
The Amazon Scam (COVID-19)
Lately, I have received more phishing emails in my burner (test) email that are related to Amazon than ever before. This probably due to the influx of online shopping driven […]