Parsing ScoutSuite Results With jq
Cloud Security Audits Supported by other tools and manual analysis, ScoutSuite provides a solid base to start your Cloud Security audit. Such audits often follow a pattern that is quite […]
Cloud Security Audits Supported by other tools and manual analysis, ScoutSuite provides a solid base to start your Cloud Security audit. Such audits often follow a pattern that is quite […]
WELCOME TO THE FANCLUB! Part 1 of the Flipper Fanclub Series will be going over the Flipper Zero tool. We will discuss what it is, how to use it (from […]
Tubular Lock The tubular lock has many different names including: circle pin tumbler lock, radial lock, or ace lock. The tubular lock consists of multiple stacks of pins in a […]
ODAT ODAT (Oracle Database Attacking Tool) is “an open source penetration testing tool that tests the security of Oracle Databases remotely” (1). The goal of the tool is to help […]
Knock, knock! Who’s there? Boo! Boo who? It’s Boo language, the spooky dead language that you may not have heard about. It is a language for .Net with a clean […]
An Intro to Blind XSS & Secure GCP Functions During a recent engagement, I ran across an instance of potential Blind Cross-Site Scripting (XSS) while pentesting a web application. I […]
Burp Suite Macros If you’ve performed web application pentests with Burp Suite for a while, you’ve certainly come across applications that don’t play nicely with Burp Suite’s out-of-the-box scanning. Perhaps […]
Credential Access Without Mimikatz On a recent engagement, a client implemented multiple EDR solutions to prevent common ways of obtaining credentials either through Mimikatz or various LSASS memory dumping methods. […]
Exploiting GraphQL Batching Attacks Using Turbo Intruder What Are Batching Attacks In GraphQL? GraphQL allows for multiple queries to be sent to the server in one single request in order […]
Comparing Automated HTTP Screenshot Tools At last, the finale! For our last Screenshot Tool blog post, White Oak Security will be putting the top 5 HTTP screenshot tools that are […]