Credential Access Without Mimikatz
On a recent engagement, a client implemented multiple EDR solutions to prevent common ways of obtaining credentials either through Mimikatz or various LSASS memory dumping methods. […]
Cobalt Strike OpSec & Other Misadventures of Pentesting
I’m old enough to know better. Since 2004 I’ve been in various offensive roles in infosec, so OpSec isn’t a new thing […]
Welcome to a new installment of Unauthenticated! One of my goals with this series is to drive home the point that authentication (with properly implemented access controls) is essential to […]
White Oak Security recently performed a red team engagement for a client where we discovered subsidiaries owned by their parent company (which we were testing against). All of these subsidiaries […]
In this edition of Bypassing Defenses, we’ll highlight how we were able to bypass the Endpoint Detection and Response (EDR) solution Symantec Endpoint Protection on a recent Red Team engagement, […]
GitHub Cave Of Wonders – Part 1 begins to dive into secrets management & how data repositories are a treasure trove for malicious threats. Read White Oak’s blog
Bypassing defenses with Cylance during a White Oak Security red team engagement to extract domain admin credentials from LSASS leads to a HUGE compromise.
Ever get a weird scam email and wonder why? Here is a White Oak Security blog about phishing attacks, a modest investigation into a few phishing emails we got.
Skim Job is White Oak Security’s RFID skimmer project. Discover how we carried out this social engineering RFID security attack, skimming our way into client buildings.
In a previous blog post, I talked about downloading, installing, and using the Proxmark3 for social engineering engagements. This post will build off of the content discussed previously and walk […]