GraphQL Batching Attacks: Turbo Intruder
Exploiting GraphQL Batching Attacks Using Turbo Intruder What Are Batching Attacks In GraphQL? GraphQL allows for multiple queries to be sent to the server in one single request in order […]
Blog
Fishbowl Disclosure: CVE-2022-29805
Finding A Shell In Your Fishbowl White Oak Security discovered an instance of Fishbowl Inventory that was vulnerable to a Java deserialization vulnerability, resulting in unauthenticated remote code execution. This […]
Automating Authorization Testing: AuthMatrix – Part 2
In my previous blog post, part 1, I covered the basic configuration of the AuthMatrix Burp Suite extension, so we will now move on to some more advanced setups. The […]
Screenshot Tool: Part 6 – Which Tool Is Best?
Comparing Automated HTTP Screenshot Tools At last, the finale! For our last Screenshot Tool blog post, White Oak Security will be putting the top 5 HTTP screenshot tools that are […]
Screenshot Tool: Part 5 – Aquatone
Reviewing Automated HTTP Screenshot Tools Another blog, another screenshot tool for our Screenshot Tool blog series! This White Oak Security series reviews a few of the top HTTP screenshot tools […]
Screenshot Tool: Part 4 – Gowitness
Reviewing Automated HTTP Screenshot Tools Thanks for continuing with us in our Screenshot Tool blog series, where White Oak Security reviews a few of the top HTTP screenshot tools that […]
Screenshot Tool: Part 3 – Snapback
Reviewing Automated HTTP Screenshot Tools Welcome back to our Screenshot Tool blog series, where White Oak Security is reviewing some of the top HTTP screenshot tools that are currently available […]
Screenshot Tool: Part 2 – WitnessMe
Reviewing Automated HTTP Screenshot Tools In our Screenshot Tool blog series, White Oak Security is reviewing some of the top HTTP screenshot tools that are currently available for penetration testers […]
Screenshot Tool: Part 1 – EyeWitness
Reviewing Automated HTTP Screenshot Tools In this Screenshot Tool blog series, White Oak Security will be reviewing the efficacy of the top HTTP screenshot tools that are currently available for […]
GoAWSConsoleSpray: Password Spraying Tool
GoAWSConsoleSpray – A Simple AWS Console Password Spraying Tool As part of our Cloud Security Penetration Test service, White Oak Security has observed quite a few different AWS deployments over […]