White Oak Security recently performed a red team engagement for a client where we discovered subsidiaries owned by their parent company (which we were testing against). All of these subsidiaries […]
Brett uncovers an insecure password reset during a pentest, this post will go through the password reset functionality, what went wrong, & how to fix this issue.
Discover how to use, configure, & install one of White Oak Security’s penentration testers, Brett DeWall’s favorite (& free) pentesting tools, TestSSL.sh.
Don’t believe everything you see! Invisible or hidden data in web application pentesting could be revealing details like SSNs, like in this example by White Oak.
Brett DeWall (one of our pentesters) is back at it again, with White Oak Security’s new blog – a guide on how to root a Google Pixel 4a Smartphone. Learn how…
Skim Job is White Oak Security’s RFID skimmer project, discover how we did this social engineering RFID security attack of skimming our way into client buildings.
In a previous blog post I talked about downloading, installing, and using the Proxmark3 for social engineering engagements. This post will build off of the content discussed previously and walk […]
It seems like more and more often I get asked what equipment I utilize for performing wireless penetration tests (802.11 wireless networking). In this post I will talk about the […]
This blog post will walk through utilizing publicly available exploit code to compromise a network through Zerologon.
In this blog series, we will be performing a walkthrough of interesting domain takeovers that have occurred during pentest engagements. The first part of this series occurred rather recently during […]