Parsing ScoutSuite Results With jq
Cloud Security Audits Supported by other tools and manual analysis, ScoutSuite provides a solid base to start your Cloud Security audit. Such audits often follow a pattern that is quite […]
pentest tools
Flipper Fanclub: Part 1 – Flipper Zero Pentesting
WELCOME TO THE FANCLUB! Part 1 of the Flipper Fanclub Series will be going over the Flipper Zero tool. We will discuss what it is, how to use it (from […]
Blind XSS & GCP Functions: GCPXSSCanary
An Intro to Blind XSS & Secure GCP Functions During a recent engagement, I ran across an instance of potential Blind Cross-Site Scripting (XSS) while pentesting a web application. I […]
GraphQL Batching Attacks: Turbo Intruder
Exploiting GraphQL Batching Attacks Using Turbo Intruder What Are Batching Attacks In GraphQL? GraphQL allows for multiple queries to be sent to the server in one single request in order […]
Screenshot Tool: Part 6 – Which Tool Is Best?
Comparing Automated HTTP Screenshot Tools At last, the finale! For our last Screenshot Tool blog post, White Oak Security will be putting the top 5 HTTP screenshot tools that are […]
What’s In A Social Engineering Toolkit?
One of the many services that White Oak Security offers is Onsite Social Engineering. As a pentester, I have performed 50+ physical onsite social engineering engagements over my professional career […]