Types Of Security Testing: Scans, Assessments, Pentests
Learn about different types of security testing, like the differences between Scans vs Vulnerability Assessment vs Penetration Testing with White Oak’s experts.
penetration testing
Installation & Use Of TestSSL.sh Tool
Discover how to use, configure, & install one of White Oak Security’s penentration testers, Brett DeWall’s favorite (& free) pentesting tools, TestSSL.sh.
Social Engineers Best Friend – Part 2: Bruteforcing RFIDs
In a previous blog post, I talked about downloading, installing, and using the Proxmark3 for social engineering engagements. This post will build off of the content discussed previously and walk […]
Let’s Talk Wireless Penetration Testing Equipment
It seems like more and more often we at White Oak Security get asked what equipment we utilize for performing wireless penetration tests (802.11 wireless networking). In this post, I […]
Take Over Situations: Part 2 – Zerologon
This blog post will walk through utilizing publicly available exploit code to compromise a network through Zerologon.
Alternative Execution Macro Saga: Microsoft Web Browser – Part 7
Welcome to the last post in the Alternative Execution Macro Saga series (part 1 – InkPicture, part 2 – WMP, part 3 – Performance Monitor, part 4 – Disable Macros, […]
How To Prepare for an API Pentest – Curl
This is one part of a series of posts on how to prepare your API for a pentest. The first post was focused on Insomnia. The second was focused on […]
Vehicle Personal Information & Exfiltration
I recently purchased a used vehicle from a local dealership, and so far, so good! My Chevy Cruze works as expected, the tires all are round, and I have not managed […]
Systematic Threat Evaluation Methodology – S.T.E.M.
I LOVE security testing. There, I said it. Penetration Testing, Red Teaming, Threat Emulation… I LOVE it all. Looking at a system, learning about the individual components, understanding how they were […]
The Importance of Egress Filtering
“Egress filtering is the practice of monitoring and potentially restricting the flow of information outbound from one network to another. Typically, it is information from a private TCP/IP computer network […]