Client Portal
Contact Us

Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Training, CISSP
    Is the CISSP Mentorship for me?
    “Knowledge is power.” That quote has been said more times than you can count because it’s true. The common body of knowledge (CBK) covered in the CISSP provides an industry-standard way of discussing security.  So, the way we gather knowledge tends to vary immensely. Rush learning with Boot Camps ...
    Learn more

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    What happened to CVE-2022-23529? And what can we learn from it?
    What happened to CVE-2022-23529? And what can we learn from it?
    If you saw the disclosure notice for the flaw CVE-2022-23529, it would have been presented as a ...
    Learn more
    Risks of AI Generated Content, According to an AI Content Generator
    Risks of AI Generated Content, According to an AI Content Generator
    AI and Machine Learning (ML) have become increasingly popular tools in various industries, ranging ...
    Learn more
    Quick Bites 7 - Dr. TamperMonkey (Or: How I Learned to Stop Worrying and Love JavaScript)
    Quick Bites 7 - Dr. TamperMonkey (Or: How I Learned to Stop Worrying and Love JavaScript)
    We get really excited here at Secure Ideas about sharing knowledge with others.  Our mission ...
    Learn more
    Steam Deck Privacy and Security
    Steam Deck Privacy and Security
    Like any portable computing device, there are going to be questions about privacy and security.  ...
    Learn more
    ZAPmas Feedback
    ZAPmas Feedback
    Sometimes Christmas comes early, and in this case for me it was the publication of the Twelve Days ...
    Learn more
    Twelve Days of ZAPmas - Day 12 - Testing a new Content-Security-Policy
    Twelve Days of ZAPmas - Day 12 - Testing a new Content-Security-Policy
    What is the CSP? The Content-Security-Policy (CSP) is a widely recommended control and is ...
    Learn more
    Twelve Days of ZAPmas - Day 11 - ZAP impressions from a Burp user
    Twelve Days of ZAPmas - Day 11 - ZAP impressions from a Burp user
    It probably seems a bit odd to do this on Day 11 and not at the end of the series, but I have one ...
    Learn more
    Twelve Days of ZAPmas - Day 10 - Manual Web App Testing Unproxied
    Twelve Days of ZAPmas - Day 10 - Manual Web App Testing Unproxied
    Most of the time, proxying the browser doesn’t present any sort of trouble. You should be able to ...
    Learn more
    Twelve Days of ZAPmas - Day 9 - Automated Scanning and ATTACK mode
    Twelve Days of ZAPmas - Day 9 - Automated Scanning and ATTACK mode
    Automated scanning against an application is useful. It’s a faster and less labor-intensive way to ...
    Learn more
    Twelve Days of ZAPmas - Day 8 - Spidering
    Twelve Days of ZAPmas - Day 8 - Spidering
    Spidering is an automated process that recursively finds and follows all the navigation from an ...
    Learn more
    Twelve Days of ZAPmas - Day 7 - API Testing with Postman and ZAP
    Twelve Days of ZAPmas - Day 7 - API Testing with Postman and ZAP
    If you’ve done any significant amount of API development, there’s a good chance you’ve used ...
    Learn more
    1 2 3 4 5