Some Tips for Analyzing Malicious Word Documents
Most people these days have one of those burner email addresses – used for product sign-ups, etc. I certainly do and that account receives its fair share of phishing emails. […]
Today we’re going to talk a bit about CSV injection. First of all, what is CSV Injection? “CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input […]
On a recent Internal Penetration Test engagement, I was reviewing some Nessus scan data and came across a “Microsoft Windows SMB Shares Unprivileged Access” finding. As we can see from […]
Some of you may be confused why someone other than Brett is writing the Part 2 for this series (click here for Part 1). There are two reasons for this: […]
White Oak Security is very excited to announce the newest addition to our sales team. Barbara Wickoren has joined the company and we are very excited to have her expertise […]
[HERE’S A COMPANION POST ON SETTING UP AN ANDROID DEVICE FOR PENETRATION TESTING] One of the initial challenges of performing an iOS mobile application penetration test is getting a suitable […]
In the last few blogs in our Alternative Execution Macro Saga: (part 1 – InkPicture & part 2 – WMPlayer) we worked through scenarios making use of the ActiveX controls […]
Overview: While performing security tests against web applications or network infrastructures, I often come across web servers with directory listing enabled. What is directory listing you say? “Web servers can […]
In the previous blog in this Alternative Execution Macro Saga: part 1 – InkPicture, (this is part 2 – WMP, then there’s part 3 – performance monitor, part 4 – disable macros, part 5 – CLSID, […]
This is the first in a series called the Alternative Execution Macro Saga – if you’re interested in reading the full series the links are here: part 1 – InkPicture, […]