Phishing For Success – Part 4
Thanks for returning to our Phishing For Success series! Welcome to part 4. As you probably know by now, I’m a Senior Threat Emulation Specialist here at White Oak Security […]
Adversarial Simulation
Rogue Devices as a Vector for Kinetic Attacks
UPDATE: This blog post was written prior to the USB explosive incident in Ecuador. Some edits have been made to note these events. DISCLAIMER The following blog post describes a […]
Frevvo Vulnerability Disclosure
White Oak Security discovered a “Zip Slip” Authenticated Remote Code Execution vulnerability in Frevvo Live Forms (https://www.frevvo.com). Frevvo Live Forms is a workflow automation software used to automate processes and […]
Using DNS to Bypass SSRF Protections
Scenario On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a denylist in an attempt to prevent active exploitation. This post […]
Threat Hunter
When I first came to White Oak Security, I was presented with a unique opportunity to do some training for threat hunting assessments. Prior to that point, I had some […]
LoRa Frequency & Penetration Testing
LoRa Frequency The Internet of Things (IoT) has revolutionized the way we live and work, connecting an ever-growing number of devices and systems to the internet. One key technology that […]
Phishing For Success – Part 3 & Autosneakphish Tool
Hi, again folks! Welcome back, I am a Senior Threat Emulation Specialist at White Oak Security. The majority of my time in the Cyber Security field has been focused on […]
Account Operators Privilege Escalation
On a recent Red Team engagement, White Oak Security had compromised a domain and dumped the Active Directory user password hashes. We attempted to pivot into another domain using shared […]
Phishing For Success – Part 2
Phishing Leadership Thanks for returning for part 2 of Phishing For Success! If you missed Phishing For Success – Part 1, be sure to catch up. 😜🎣 Newer to White Oak […]
Phishing For Success – Part 1
Leadership In Cyber Security Hi folks, I am a Senior Threat Emulation Specialist at White Oak Security. The majority of my time in cyber security has been focused heavily on […]