Flipper Fanclub: Part 2 – Updating Your Flipper Zero
Updating Your Flipper Zero: A Guide to Firmware Updates (RogueMaster Edition) NOTE: Flipper Fanclub Part 1 is located here The Flipper Zero is a powerful and versatile device, but like […]
penetration testing
Using DNS to Bypass SSRF Protections
Scenario On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a denylist in an attempt to prevent active exploitation. This post […]
What Is A Penetration Tester
Welcome to this post in the Interview With A Pentester blog series! We will interview a White Oak Security expert to discuss what is a penetration tester, how this cybersecurity […]
LoRa Frequency & Penetration Testing
LoRa Frequency The Internet of Things (IoT) has revolutionized the way we live and work, connecting an ever-growing number of devices and systems to the internet. One key technology that […]
Retrieving Google Task Data
Working in a cloud environment, like C-suite, can be very convenient. They provide lots of functionality and tools to get the job done with supporting APIs to programmatically leverage them. […]
LogicalDOC Vulnerability Disclosure
White Oak Security discovered several vulnerabilities in the document management system, LogicalDOC, a software that’s designed to save, store, and share documents within an organization. Starting from an unauthenticated point […]
Penetration Testing Partner
Your Penetration Testing PARTNER, Not Your Adversary This blog post is intended to help organizations understand the mentality and drivers behind pentesting and to help them recognize that we (pentesters, […]
CCDC 2023
Red Team Volunteering Experiences From The Collegiate Cyber Defense Competitions This blog post will shed light on the experiences of a few of our White Oak Security penetration testers that […]
CentreStack Disclosure
White Oak Security discovered an instance of Gladinet’s CentreStack server which was vulnerable to an authentication bypass and an arbitrary file upload resulting in remote code execution. This issue has […]
Flipper Fanclub: Part 1 – Flipper Zero Pentesting
WELCOME TO THE FANCLUB! Part 1 of the Flipper Fanclub Series will be going over the Flipper Zero tool. We will discuss what it is, how to use it (from […]