Password Cracking has its own large methodology when it comes to targeted methods of cracking passwords. You can consider English and other language models, passphrases, 1337sp34k translations, case MoDiFCaTiOn, distributed […]
Updating Your Flipper Zero: A Guide to Firmware Updates (RogueMaster Edition) NOTE: Flipper Fanclub Part 1 is located here! The Flipper Zero is a powerful and versatile device, but like […]
On a recent web application penetration test, I identified a classic server-side request forgery (SSRF) vulnerability that used a Denylist in an attempt to prevent active exploitation. This post details […]
Welcome to this post in the Interview With A Pentester blog series! We will interview a White Oak Security expert to discuss what is a penetration tester, how this cybersecurity […]
LoRa Frequency The Internet of Things (IoT) has revolutionized the way we live and work, connecting an ever-growing number of devices and systems to the internet. One key technology that […]
Working in a cloud environment, like C-suite, can be very convenient. They provide lots of functionality and tools to get the job done with supporting APIs to programmatically leverage them. […]
White Oak Security discovered several vulnerabilities in the document management system, LogicalDOC, a software that’s designed to save, store, and share documents within an organization. Starting from an unauthenticated point […]
Your Penetration Testing PARTNER, Not Your Adversary This blog post is intended to help organizations understand the mentality and drivers behind pentesting and to help them recognize that we (pentesters, […]
Red Team Volunteering Experiences From The Collegiate Cyber Defense Competitions This blog post will shed light on the experiences of a few of our White Oak Security penetration testers that […]
Note: Updated 6/9/2023 to update official CVE IDs White Oak Security discovered an instance of Gladinet’s CentreStack server which was vulnerable to an authentication bypass and an arbitrary file upload […]
