Gophish Setup: Gandi – Part 2
Please review our Gophish – Part 1 blog to ensure you are ready to proceed with configuring Gophish with Gandi before proceeding with the following blog post below. In this […]
Tools
MiniDumpDotNet: Pure CLR Alt – Part 2
MiniDumpDotNet – Part 1 & 2 In MiniDumpDoNet – Part 1, we took a brief look at the MiniDumpWriteDump() Win32 API and considered options for reimplementation for the purposes of […]
MiniDumpDotNet: MiniDumpWriteDump – Part 1
MiniDumpWriteDump The Background Story Throughout 2021 a thought had been bouncing around in my head: why hasn’t anyone reimplemented MiniDumpWriteDump? For those who are not yet familiar, the Win32 API […]
DNSscope: Tool for Automating DNS Recon
White Oak Security Introduces DNSscope Tool White Oak Security’s experts created a tool to make performing deep attack surface analysis and identifying assets quicker – introducing DNSscope, a tool for […]
Nmap: Host Discovery
This article describes how to enhance the default Nmap host discovery phase to include SYN and ACK probes to ports other than the default 80/tcp and 443/tcp. These techniques can […]
What’s In A Social Engineering Toolkit?
One of the many services that White Oak Security offers is Onsite Social Engineering. As a pentester, I have performed 50+ physical onsite social engineering engagements over my professional career […]
Gophish Setup – Part 1
Welcome to the first of a series of posts diving into the functionality and usage of the tool – Gophish. This tool allows users to quickly deploy phishing engagements or […]
5 Useful & Free Burp Suite Plugins
At White Oak Security, we do a variety of engagement types. Previously, we’ve written several posts on some of the tools we use, including Burp Suite. To take full advantage […]
Attacks & Defenses: Dumping LSASS With No Mimikatz
Mimikatz Mimikatz (1) is a big-name tool in penetration testing used to dump credentials from memory on Windows. As a penetration tester, this method is invaluable for lateral and vertical […]
Automating Authorization Testing: AuthMatrix – Part 1
This White Oak series covers what is authorization testing & AuthMatrix’s basic setup of roles, users, & requests for a simple application that only uses cookies.