Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Risks of AI Generated Content, According to an AI Content Generator
AI and Machine Learning (ML) have become increasingly popular tools in various industries, ranging from business to healthcare. However, with the rise of these technologies comes a new set of ethical and security issues that must be addressed. The primary concern when it comes to AI writing ...
Learn more
Never miss a Professionally Evil update!

Quick Bites 7 - Dr. TamperMonkey (Or: How I Learned to Stop Worrying and Love JavaScript)
We get really excited here at Secure Ideas about sharing knowledge with others. Our mission ...
Learn more

Steam Deck Privacy and Security
Like any portable computing device, there are going to be questions about privacy and security. ...
Learn more

Testing |
open source |
web penetration testing |
OWASP |
mobile application |
web application security |
API
ZAPmas Feedback
Sometimes Christmas comes early, and in this case for me it was the publication of the Twelve Days ...
Learn more

Twelve Days of ZAPmas - Day 12 - Testing a new Content-Security-Policy
What is the CSP? The Content-Security-Policy (CSP) is a widely recommended control and is ...
Learn more

Twelve Days of ZAPmas - Day 11 - ZAP impressions from a Burp user
It probably seems a bit odd to do this on Day 11 and not at the end of the series, but I have one ...
Learn more

Twelve Days of ZAPmas - Day 10 - Manual Web App Testing Unproxied
Most of the time, proxying the browser doesn’t present any sort of trouble. You should be able to ...
Learn more

Twelve Days of ZAPmas - Day 9 - Automated Scanning and ATTACK mode
Automated scanning against an application is useful. It’s a faster and less labor-intensive way to ...
Learn more

Twelve Days of ZAPmas - Day 8 - Spidering
Spidering is an automated process that recursively finds and follows all the navigation from an ...
Learn more

Twelve Days of ZAPmas - Day 7 - API Testing with Postman and ZAP
If you’ve done any significant amount of API development, there’s a good chance you’ve used ...
Learn more

Twelve Days of ZAPMAS - Day 6 - Passive Flaw Detection and Using the HUD
One of the awesome things about a security-focused interception proxy like ZAP is its ability to ...
Learn more