Phishing For Success – Part 3 & Autosneakphish Tool
Hi, again folks! Welcome back, I am a Senior Threat Emulation Specialist at White Oak Security. The majority of my time in the Cyber Security field has been focused on […]
Hi, again folks! Welcome back, I am a Senior Threat Emulation Specialist at White Oak Security. The majority of my time in the Cyber Security field has been focused on […]
Working in a cloud environment, like C-suite, can be very convenient. They provide lots of functionality and tools to get the job done with supporting APIs to programmatically leverage them. […]
White Oak Security discovered several vulnerabilities in the document management system, LogicalDOC, a software that’s designed to save, store, and share documents within an organization. Starting from an unauthenticated point […]
Your Penetration Testing PARTNER, Not Your Adversary This blog post is intended to help organizations understand the mentality and drivers behind pentesting and to help them recognize that we (pentesters, […]
Red Team Volunteering Experiences From The Collegiate Cyber Defense Competitions This blog post will shed light on the experiences of a few of our White Oak Security penetration testers that […]
Note: Updated 6/9/2023 to update official CVE IDs White Oak Security discovered an instance of Gladinet’s CentreStack server which was vulnerable to an authentication bypass and an arbitrary file upload […]
Cloud Security Audits Supported by other tools and manual analysis, ScoutSuite provides a solid base to start your Cloud Security audit. Such audits often follow a pattern that is quite […]
WELCOME TO THE FANCLUB! Part 1 of the Flipper Fanclub Series will be going over the Flipper Zero tool. We will discuss what it is, how to use it (from […]
Tubular Lock The tubular lock has many different names including: circle pin tumbler lock, radial lock, or ace lock. The tubular lock consists of multiple stacks of pins in a […]
ODAT ODAT (Oracle Database Attacking Tool) is “an open source penetration testing tool that tests the security of Oracle Databases remotely” (1). The goal of the tool is to help […]