Attacks & Defenses: Dumping LSASS With No Mimikatz
Mimikatz Mimikatz (1) is a big-name tool in penetration testing used to dump credentials from memory on Windows. As a penetration tester, this method is invaluable for lateral and vertical […]
red teaming
Take Over Situations: Part 3 – SQL Injection to Domain Admin
White Oak Security recently performed a red team engagement for a client where we discovered subsidiaries owned by their parent company (which we were testing against). All of these subsidiaries […]
Bypassing Defenses: Symantec Endpoint Protection
In this edition of Bypassing Defenses, we’ll highlight how we were able to bypass the Endpoint Detection and Response (EDR) solution Symantec Endpoint Protection on a recent Red Team engagement, […]
Unauthenticated: XXE Edition
Welcome to another installment of Unauthenticated! In this post, we will look at a recent web application penetration test where an XML external entity (XXE) expansion vulnerability was exploited without […]
Bypassing Defenses: Cylance
Bypassing defenses with Cylance during a White Oak Security’s red team engagement to extract domain admin credentials from LSASS leads to a HUGE compromise.
Red Teaming Guide | Part 1
So You Want a Red Team: The Primer In my former life, I was a member of an institutional Red Team at a Fortune 500 organization with several colleagues and […]