Welcome to another installment of Unauthenticated! In this post, we will look at a recent web application penetration test where an XML external entity (XXE) expansion vulnerability was exploited without […]
Brett uncovers an insecure password reset during a pentest. This post will go through the password reset functionality, what went wrong, & how to fix this issue.
Discover how to use, configure, & install TestSSL.sh, one of the favorite (& free) pentesting tools of White Oak Security penetration tester Brett DeWall.
Part 2 on dockerizing a web testing environment and crafting custom wordlists by White Oak Security. Continue this how-to blog series & learn from our experts.
Discover part one of White Oak Security’s how-to blog series on dockerizing a web testing environment, a safe way for pentesters to learn & test new things!
Don’t believe everything you see! Invisible or hidden data in web application pentesting could be revealing details like SSNs, like in this example by White Oak.
What separates a tool from a tester? Read White Oak Security’s blog about pentesting web apps efficiently through Burp Suite Config Library with scan profiles.
A pentester at White Oak Security accesses an unauthenticated Jenkins server, an interesting target for attack, with a compromised AWS environment. Learn more…
White Oak Security’s expert pentesters share a tip in their success: learn to code! Whether you’re in cybersecurity or just curious, coding is a valuable skill.
Our CEO and founder, Christopher Emerson, is regularly asked to provide his expertise, opinion, and insight on a variety of cybersecurity topics. Often our clients, industry contacts, or community request […]