How I Got Free Propane (Lock Picking) & YOU Can Too!
Lock Picking Guide To Propane Cage Locks Howdy folks! This blog post will be a quick explanation of how lock picking can improve your everyday life. I will give a […]
threat emulation
Threat Hunter
When I first came to White Oak Security, I was presented with a unique opportunity to do some training for threat hunting assessments. Prior to that point, I had some […]
MiniDumpDotNet: Pure CLR Alt – Part 2
MiniDumpDotNet – Part 1 & 2 In MiniDumpDoNet – Part 1, we took a brief look at the MiniDumpWriteDump() Win32 API and considered options for reimplementation for the purposes of […]
MiniDumpDotNet: MiniDumpWriteDump – Part 1
MiniDumpWriteDump The Background Story Throughout 2021 a thought had been bouncing around in my head: why hasn’t anyone reimplemented MiniDumpWriteDump? For those who are not yet familiar, the Win32 API […]
Attacks & Defenses: Dumping LSASS With No Mimikatz
Mimikatz Mimikatz (1) is a big-name tool in penetration testing used to dump credentials from memory on Windows. As a penetration tester, this method is invaluable for lateral and vertical […]
Take Over Situations: Part 3 – SQL Injection to Domain Admin
White Oak Security recently performed a red team engagement for a client where we discovered subsidiaries owned by their parent company (which we were testing against). All of these subsidiaries […]
Unauthenticated: XXE Edition
Welcome to another installment of Unauthenticated! In this post, we will look at a recent web application penetration test where an XML external entity (XXE) expansion vulnerability was exploited without […]
Bypassing Defenses: Cylance
Bypassing defenses with Cylance during a White Oak Security’s red team engagement to extract domain admin credentials from LSASS leads to a HUGE compromise.
Alternative Execution Macro Saga: Microsoft Web Browser – Part 7
Welcome to the last post in the Alternative Execution Macro Saga series (part 1 – InkPicture, part 2 – WMP, part 3 – Performance Monitor, part 4 – Disable Macros, […]
Alternative Execution Macro Saga: ActiveMovie Control – Part 6
Over the past five blogs (part 1, part 2, part 3, part 4, part 5) of the Alternative Execution Macro Saga, we’ve covered utilizing event handlers for ActiveX controls to obtain code execution in […]