Alternative Execution: A Macro Saga (part 5)
Thanks for returning to the series! Over the last few posts we discussed making use events from the InkPicture, Windows Media Player, and System Monitor controls to obtain macro execution, […]
Thanks for returning to the series! Over the last few posts we discussed making use events from the InkPicture, Windows Media Player, and System Monitor controls to obtain macro execution, […]
Before we get into the nuts and bolts of this post, I need to provide a little background. The COVID-19 pandemic has brought a number of changes to our day […]
Thanks for returning to the “Alternative Execution: A Macro Saga” series! ( Here’s part 1, part 2, and part 3) It’s been a busy past few months, and I had […]
Welcome back! We hope you’re enjoying our series on Simple Security Fails. If not, or if you have any topics that you’re interested in learning more about, hit us up! […]
This blog post will focus on exploiting exposed Docker daemons. During a recent internal penetration test I discovered an exposed Docker Daemon. By having the daemon exposed outside of the […]
Most people these days have one of those burner email addresses – used for product sign-ups, etc.. I certainly do and that account receives its fair share of phishing emails. […]
Today we’re going to talk a bit about CSV injection. First of all, what is CSV Injection? “CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input […]
On a recent Internal Penetration Test engagement, I was reviewing some Nessus scan data and came across an “Microsoft Windows SMB Shares Unprivileged Access” finding. As we can see from […]
Some of you may be confused why someone other than Brett is writing the Part 2 for this series (click here for Part 1). There are two reasons for this: […]
White Oak Security is very excited to announce the newest addition to our sales team. Barbara Wickoren has joined the company and we are very excited to have her expertise […]