TitanFTP Vulnerability Disclosure
White Oak Security discovered multiple vulnerabilities in the TitanFTP NextGen server owned by South River Technologies. TitanFTP NextGen is a FTP/SFTP server utilized to manage file transfers and includes a […]
Blog
Phishing For Success – Part 4
Thanks for returning to our Phishing For Success series! Welcome to part 4. As you probably know by now, I’m a Senior Threat Emulation Specialist here at White Oak Security […]
Flipper Fanclub: Part 2 – Updating Your Flipper Zero
Updating Your Flipper Zero: A Guide to Firmware Updates (RogueMaster Edition) NOTE: Flipper Fanclub Part 1 is located here The Flipper Zero is a powerful and versatile device, but like […]
Rogue Devices as a Vector for Kinetic Attacks
UPDATE: This blog post was written prior to the USB explosive incident in Ecuador. Some edits have been made to note these events. DISCLAIMER The following blog post describes a […]
APKLeaks: Discover leaks within APK files
I was recently combing through GitHub for a tool that I tend to use on mobile application penetration tests when I came across APKLeaks. I currently make use of Mobile […]
Frevvo Vulnerability Disclosure
White Oak Security discovered a “Zip Slip” Authenticated Remote Code Execution vulnerability in Frevvo Live Forms (https://www.frevvo.com). Frevvo Live Forms is a workflow automation software used to automate processes and […]
Using DNS to Bypass SSRF Protections
Scenario On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a denylist in an attempt to prevent active exploitation. This post […]
What Is A Penetration Tester
Welcome to this post in the Interview With A Pentester blog series! We will interview a White Oak Security expert to discuss what is a penetration tester, how this cybersecurity […]
Threat Hunter
When I first came to White Oak Security, I was presented with a unique opportunity to do some training for threat hunting assessments. Prior to that point, I had some […]
Cyber Security Mentor
Today in our Interview With A Pentester blog series, we deep dive into the mind of White Oak Security’s cyber security mentor. In this post, it is evident that Tib3rius […]