Automating Authorization Testing: AuthMatrix – Part 1
This White Oak series covers what is authorization testing & AuthMatrix’s basic setup of roles, users, & requests for a simple application that only uses cookies.
This White Oak series covers what is authorization testing & AuthMatrix’s basic setup of roles, users, & requests for a simple application that only uses cookies.
GitHub Cave Of Wonders – Part 1 begins to dive into secrets management & how data repositories are a treasure trove for malicious threats. Read White Oak’s blog
Learn the mobile app testing tool Android Debug Bridge, or ADB. White Oak’s guide covers installation details, main functionality, & tips for mobile assessments.
Kurt begins a mobile security framework, or MobSF, overview White Oak Security blog series by getting you started, teaching you the tool’s core features, and more.
Welcome to another installment of Unauthenticated! In this post, we will look at a recent web application penetration test where an XML external entity (XXE) expansion vulnerability was exploited without […]
Bypassing defenses with Cylance during a White Oak Security’s red team engagement to extract domain admin credentials from LSASS leads to a HUGE compromise.
Brett uncovers an insecure password reset during a pentest, this post will go through the password reset functionality, what went wrong, & how to fix this issue.
Discover how to use, configure, & install one of White Oak Security’s penentration testers, Brett DeWall’s favorite (& free) pentesting tools, TestSSL.sh.
The effects of ransomware attacks are no longer limited to large corps, it’s important for the average person to understand & be prepared for ransomware attacks.
Part 2 on dockerizing a web testing environment and crafting custom wordlists by White Oak Security, continue this how-to blog series & learn from our experts.