Blind XSS & GCP Functions: GCPXSSCanary
An Intro to Blind XSS & Secure GCP Functions During a recent engagement, I ran across an instance of potential Blind Cross-Site Scripting (XSS) while pentesting a web application. I […]
pentesting tools
Burp Suite Macros – Reshaper Guide
Burp Suite Macros If you’ve performed web application pentests with Burp Suite for a while, you’ve certainly come across applications that don’t play nicely with Burp Suite’s out-of-the-box scanning. Perhaps […]
Access Without Mimikatz: Internal Monologue
Credential Access Without Mimikatz On a recent engagement, a client implemented multiple EDR solutions to prevent common ways of obtaining credentials either through Mimikatz or various LSASS memory dumping methods. […]
GraphQL Batching Attacks: Turbo Intruder
Exploiting GraphQL Batching Attacks Using Turbo Intruder What Are Batching Attacks In GraphQL? GraphQL allows for multiple queries to be sent to the server in one single request in order […]
Screenshot Tool: Part 6 – Which Tool Is Best?
Comparing Automated HTTP Screenshot Tools At last, the finale! For our last Screenshot Tool blog post, White Oak Security will be putting the top 5 HTTP screenshot tools that are […]
Screenshot Tool: Part 5 – Aquatone
Reviewing Automated HTTP Screenshot Tools Another blog, another screenshot tool for our Screenshot Tool blog series! This White Oak Security series reviews a few of the top HTTP screenshot tools […]
Screenshot Tool: Part 4 – Gowitness
Reviewing Automated HTTP Screenshot Tools Thanks for continuing with us in our Screenshot Tool blog series, where White Oak Security reviews a few of the top HTTP screenshot tools that […]
Screenshot Tool: Part 3 – Snapback
Reviewing Automated HTTP Screenshot Tools Welcome back to our Screenshot Tool blog series, where White Oak Security is reviewing some of the top HTTP screenshot tools that are currently available […]
Screenshot Tool: Part 2 – WitnessMe
Reviewing Automated HTTP Screenshot Tools In our Screenshot Tool blog series, White Oak Security is reviewing some of the top HTTP screenshot tools that are currently available for penetration testers […]
Screenshot Tool: Part 1 – EyeWitness
Reviewing Automated HTTP Screenshot Tools In this Screenshot Tool blog series, White Oak Security will be reviewing the efficacy of the top HTTP screenshot tools that are currently available for […]