Bypassing Doors – Part 4: Compressed Air
Let’s bypass another REX sensor on a door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an […]
Blog
Bypassing Doors – Part 3: REX Sensor
Let’s bypass another door we don’t have access to! The Bypassing Doors blog series demonstrates easy-to-use tools and techniques that can be utilized to bypass an organization’s interior and exterior […]
Bypassing Doors – Part 2: DDT
Wondering how our White Oak Security pentesters open doors they don’t have access to? The Bypassing Doors blog series will demonstrate easy-to-use tools and techniques that can be utilized to […]
Bypassing Doors – Part 1: UTDT
Physical red team attacks are something we are passionate about at White Oak Security. Ever wonder how we open doors we don’t have access to? The Bypassing Doors blog series […]
Bypassing OpenSSH MaxAuthTries
Chances are if you’re reading this article, you are in the middle of a penetration test against a fairly large enterprise with some legacy equipment hanging off the network. You’ve […]
Jenkins: Remote Execution Via Malicious Jobs
This article is a follow-up to Unauthenticated: Jenkins Edition where we discussed the dangers of unauthenticated access to the /script and /credentials pages of Jenkins systems. This article will focus […]
Gophish Setup: Gandi – Part 2
Please review our Gophish – Part 1 blog to ensure you are ready to proceed with configuring Gophish with Gandi before proceeding with the following blog post below. In this […]
MiniDumpDotNet: Pure CLR Alt – Part 2
MiniDumpDotNet – Part 1 & 2 In MiniDumpDoNet – Part 1, we took a brief look at the MiniDumpWriteDump() Win32 API and considered options for reimplementation for the purposes of […]
MiniDumpDotNet: MiniDumpWriteDump – Part 1
MiniDumpWriteDump The Background Story Throughout 2021 a thought had been bouncing around in my head: why hasn’t anyone reimplemented MiniDumpWriteDump? For those who are not yet familiar, the Win32 API […]
DNSscope: Tool for Automating DNS Recon
White Oak Security Introduces DNSscope Tool White Oak Security’s experts created a tool to make performing deep attack surface analysis and identifying assets quicker – introducing DNSscope, a tool for […]