Welcome to another installment of Unauthenticated! In this post, we will look at a recent web application penetration test where an XML external entity (XXE) expansion vulnerability was exploited without […]
Bypassing defenses with Cylance during a White Oak Security’s red team engagement to extract domain admin credentials from LSASS leads to a HUGE compromise.
Brett uncovers an insecure password reset during a pentest, this post will go through the password reset functionality, what went wrong, & how to fix this issue.
Discover how to use, configure, & install one of White Oak Security’s penentration testers, Brett DeWall’s favorite (& free) pentesting tools, TestSSL.sh.
The effects of ransomware attacks are no longer limited to large corps, it’s important for the average person to understand & be prepared for ransomware attacks.
Part 2 on dockerizing a web testing environment and crafting custom wordlists by White Oak Security, continue this how-to blog series & learn from our experts.
Discover White Oak Security’s how to blog series part one on dockerizing a web testing environment, a safe way for pentesters to learn & test new things!
Don’t believe everything you see! Invisible or hidden data in web application pentesting could be revealing details like SSNs, like in this example by White Oak.
Brett DeWall (one of our pentesters) is back at it again, with White Oak Security’s new blog – a guide on how to root a Google Pixel 4a Smartphone. Learn how…
Our EndPoint & Ransomware Simulation services have a positive impact on White Oak’s clients, learn how they were spared in the Ryuk Ransomware cyber attack.