Types Of Security Testing: Scans, Assessments, Pentests
Learn about different types of security testing, like the differences between Scans vs Vulnerability Assessment vs Penetration Testing with White Oak’s experts.
Blog
Automating Authorization Testing: AuthMatrix – Part 1
This White Oak series covers what is authorization testing & AuthMatrix’s basic setup of roles, users, & requests for a simple application that only uses cookies.
GitHub Cave Of Wonders: Secrets – Part 1
GitHub Cave Of Wonders – Part 1 begins to dive into secrets management & how data repositories are a treasure trove for malicious threats. Read White Oak’s blog
Android Debug Bridge (ADB) Guide
Learn the mobile app testing tool Android Debug Bridge, or ADB. White Oak’s guide covers installation details, main functionality, & tips for mobile assessments.
Mobile Security Framework (MobSF) Overview: Part 1
Kurt begins a mobile security framework, or MobSF, overview White Oak Security blog series by getting you started, teaching you the tool’s core features, and more.
Unauthenticated: XXE Edition
Welcome to another installment of Unauthenticated! In this post, we will look at a recent web application penetration test where an XML external entity (XXE) expansion vulnerability was exploited without […]
Bypassing Defenses: Cylance
Bypassing defenses with Cylance during a White Oak Security’s red team engagement to extract domain admin credentials from LSASS leads to a HUGE compromise.
Insecure Password Reset
Brett uncovers an insecure password reset during a pentest, this post will go through the password reset functionality, what went wrong, & how to fix this issue.
Installation & Use Of TestSSL.sh Tool
Discover how to use, configure, & install one of White Oak Security’s penentration testers, Brett DeWall’s favorite (& free) pentesting tools, TestSSL.sh.
Preparing For Ransomware Attacks
The effects of ransomware attacks are no longer limited to large corps, it’s important for the average person to understand & be prepared for ransomware attacks.