GraphQL APIs & Enumeration Basics
This blog post serves as an introduction to GraphQL. We will shine light on how the query language functions and some basic security considerations, as well as tools and techniques […]
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part Two)
The “right tool for the job” isn’t always the perfect tool for the job, and if you have been using Burp […]
Improving Quality-Of-Life With Simple Burp Suite Extensions (Part One)
If you have been using Burp Suite for a while, you probably have some ideas for small features or tweaks to […]
What Is Nuclei? Nuclei is a powerful open-source vulnerability scanner written in Golang. Aside from its excellent performance, it is a highly customizable tool due to its integration with YAML […]
Burp Suite Macros
If you’ve performed web application pentests with Burp Suite for a while, you’ve certainly come across applications that don’t play nicely with Burp Suite’s out-of-the-box scanning. Perhaps […]
Exploiting GraphQL Batching Attacks Using Turbo Intruder
What Are Batching Attacks In GraphQL? GraphQL allows for multiple queries to be sent to the server in one single request in order […]
At White Oak Security, we do a variety of engagement types. Previously, we’ve written several posts on some of the tools we use, including Burp Suite. To take full advantage […]
This White Oak series covers what authorization testing is and AuthMatrix’s basic setup of roles, users, and requests for a simple application that only uses cookies.
What separates a tool from a tester? Read White Oak Security’s blog about pentesting web apps efficiently through Burp Suite Config Library with scan profiles.