Unauthenticated: Docker Edition
Welcome to a new installment of Unauthenticated! One of my goals with this series is to drive home the point that authentication (with properly implemented access controls) is essential to […]
Blog
Attacks & Defenses: Dumping LSASS With No Mimikatz
Mimikatz Mimikatz (1) is a big-name tool in penetration testing used to dump credentials from memory on Windows. As a penetration tester, this method is invaluable for lateral and vertical […]
STEM Methodology Process
Our STEM Methodology process is White Oak Security’s unique, 3 phrase approach to personalized penetration & cyber security testing. Learn why White Oak uses…
Take Over Situations: Part 3 – SQL Injection to Domain Admin
White Oak Security recently performed a red team engagement for a client where we discovered subsidiaries owned by their parent company (which we were testing against). All of these subsidiaries […]
Bypassing Defenses: Symantec Endpoint Protection
In this edition of Bypassing Defenses, we’ll highlight how we were able to bypass the Endpoint Detection and Response (EDR) solution Symantec Endpoint Protection on a recent Red Team engagement, […]
Types Of Security Testing: Scans, Assessments, Pentests
Learn about different types of security testing, like the differences between Scans vs Vulnerability Assessment vs Penetration Testing with White Oak’s experts.
Automating Authorization Testing: AuthMatrix – Part 1
This White Oak series covers what is authorization testing & AuthMatrix’s basic setup of roles, users, & requests for a simple application that only uses cookies.
GitHub Cave Of Wonders: Secrets – Part 1
GitHub Cave Of Wonders – Part 1 begins to dive into secrets management & how data repositories are a treasure trove for malicious threats. Read White Oak’s blog
Android Debug Bridge (ADB) Guide
Learn the mobile app testing tool Android Debug Bridge, or ADB. White Oak’s guide covers installation details, main functionality, & tips for mobile assessments.
Mobile Security Framework (MobSF) Overview: Part 1
Kurt begins a mobile security framework, or MobSF, overview White Oak Security blog series by getting you started, teaching you the tool’s core features, and more.