Phishing Attack: A Modest Email Investigation
Ever get a weird scam email and wonder why? Here is a White Oak Security blog about phishing attacks, a modest investigation into a few phishing emails we got.
Blog
Building A Test Lab For Pentesting
Wondering how to get started in pentesting? By building a test lab! The best learning moments come from doing it yourself, here’s a White Oak Security guide.
Skim Job: Skimming Your Way In
Skim Job is White Oak Security’s RFID skimmer project, discover how we did this social engineering RFID security attack of skimming our way into client buildings.
Cypher Query Primer for BloodHound
A primer on how to use Cypher queries within the Neo4j web console to investigate your BloodHound data to go beyond what GUI provides. Read more White Oak Sec..
Web App Pentesting With Burp Suite Scan Profiles
What separates a tool from a tester? Read White Oak Security’s blog about pentesting web apps efficiently through Burp Suite Config Library with scan profiles.
Unauthenticated: Jenkins Edition
A pentester at White Oak Security accesses an unauthenticated Jenkins server, an interesting target for attack, with a compromised AWS environment. Learn more…
Success In Pentesting: Learn To Code
White Oak Security’s expert pentesters share a tip in their success: learn to code! Whether you’re in cybersecurity or just curious, coding is a valuable skill.
RFID – A Social Engineers Best Friend – part 2 (Bruteforce)
In a previous blog post I talked about downloading, installing, and using the Proxmark3 for social engineering engagements. This post will build off of the content discussed previously and walk […]
Let’s Talk Wireless Pentesting Equipment
It seems like more and more often I get asked what equipment I utilize for performing wireless penetration tests (802.11 wireless networking). In this post I will talk about the […]
Take Over Situations: Part 2 – Zerologon
This blog post will walk through utilizing publicly available exploit code to compromise a network through Zerologon.