How to allow multiple RDP sessions
A quick technology tips and tricks article to explain how to allow multiple RDP sessions on a Windows machine. A general use case is provided and...
A rundown of the Secrets Hunter capability within Paramalyzer, used to quickly find instances of sensitive information leakage in web applications.
Using Ansible to add security headers to an Apache web server (idea), environment defined in a Vagrantfile
Application security is a big job, for sure. And it’s not just the job of the developers or the SOC. There is an incredible amount of surface to...
This post outlines the importance of building a content security policy (CSP) to secure web applications, and how to get started building one.
Secure Ideas' Quick Bites Ep 2 - HTTP security headers are important for webapp security. Here are some that will help lock down your site a little...
Post on SetUID drop-privileges binaries with leaked file descriptors, allowing for PrivEsc. Covers how to exploit & a tool to streamline exploitation.
A blog post on how to update the nmap-mac-prefixes file to improve nmap's OUI detection and provides a script to help streamline the process.
Blog post explaining how to extract the OUI information from a MAC address and look up the manufacturer using public data from the IEEE.
What is the difference between Replicating Directory Changes, Replicating Changes in Filtered Set, and Replicating Directory Changes - All?
How to find open Windows network file shares and secure them with publicly available tools. Lock down your network shares!
A blog about using Secure Shell (SSH) to securely copy files using SCP.
How to set up a home surveillance system without paying for a monthly subscription.
A demonstration on how to use LD_PRELOAD to create a backdoor in processes by hooking the accept() function.
A blog post about using Windows PowerShell to quickly mount or lock a VHD, or BitLocker encrypted drive.
Follow a consultant to Wild West Hackin Fest 2022 - Way West for a new perspective after a year of experience in the field.
A post on how to write NMAP version service probes via the nmap-service-probes file.
This post shows you how to do a pgp signature check with gpg
In this blog post we’re going to take a look at the recent CouchDB vulnerability, CVE-2021-38295, which I was credited with discovering. You can read...
Overview: In the last blog post in this series, we created a tool to make it easy to build our custom payloads and extract them. However, what if we...
Good passwords gone bad.
A long time ago in a galaxy far, far away, I was not a Security Consultant. I was a Chef. And I worked as a corporate Chef for an organization that...
I recently was doing a pentest and was continuously looking up translations for words, and thought “there has to be a better way…”. That is when I...
Overview: In the last blog post of the X86 Linux assembly series, we focused on how to make our Hello World payload friendly for use as a payload in...
Last month, I found myself Googling: Is weed legal in Nevada? This was the day after arriving in Reno for Wild West Hacking Fest – Way West 2021. I...
Overview: In the last two tutorials, we built a Hello World program in NASM and GAS for x86 assembly. While this can help us learn x86 assembly, it...
How can we do analysis without Wireshark? For Linux and macOS that utility has been tcpdump for quite a while; in Windows, we can use netsh.
On May 12, 2021, President Biden issued an executive order on cybersecurity. This new order combines many trends we’re already seeing in the Fortune...
Overview: In the last tutorial, we covered how to build a 32-bit x86 Hello World program in NASM. Today, we will cover how to do the same thing, but...
Overview: A processor understands bytecode instructions specific to that architecture. We as humans use mnemonics to make building these instructions...
Seamless and unobtrusive security is the future. We are huge advocates of shifting left and moving security testing earlier in the development...
Overview: The Intel x86 CPU architecture is one of the most prolific CPU architectures for desktops, laptops, and servers. While other architectures...
We are very much in the age of APIs. From widely-used single-purpose products like Slack to cloud-based solutions like Amazon Web Services (AWS) and...
Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to inject a shared object binary into a process, and...
This is for those of you who do web pen testing with Portswigger’s Burp proxy tool! Over the past couple of months I have been using my Java skills...
NMAP is a wonderful network scanner and its ability to log scan data to files, specifically XML, helps quite a bit. This enables the scan data to be...
Overview: Each week on Friday, we post a social media challenge known as “Detective Nevil Mystery Challenge”. On November 13th of 2020, we released a...
Penetration testing is a race against the clock. Often, we only have a few days to examine all the functionality of a web application or an API. That...
Today I wanted to continue the series on using LD_PRELOAD. In today’s post we are going to use LD_PRELOAD to hijack the rand() function in a...
Hello everyone. We’ve got another Boolean math session lined up for you today. This time we’re going to take a quick look at the NOT logic and...
A little background… As I stood in front of a class of developers trying to explain cross-origin resource sharing (CORS), I knew I wasn’t conveying...
Hello everyone. We’ve got another Boolean math session to look over today. Our focus this time will be on the XOR logic. The XOR stands for...
Today I wanted to start what I plan to be a small series of blog posts about LD_PRELOAD. LD_PRELOAD is related to Linux based systems and...
Today we are going to take another look at some Boolean mathematics. In particular, we’re going to focus on the OR operational logic, as covered in...
Forward: When talking about a proxy or a pivot or a tunnel, we could be talking about very different things. However, to me, these terms could mean...
Today we’re going to take a quick look at the AND Boolean logic, which is covered in Domain 3 of the CISSP common body of knowledge (CBK). To begin...
This post is about setting up an Android Virtual Machine (AVD) for a mobile application penetration test.
Why Bother with Video Game Security? Video games are more than just entertainment. Gaming is a massive industry which by some accounts is estimated...
For the past three months thousands of people have been protesting in the United States due to the deaths of George Floyd, Breonna Taylor, Tony...
We’re circling back to some more CISSP-related materials. Today’s topic will be encryption, which can be found in CISSP Domain 3. By its very...
Today we’re going to take a quick look at encoding, as covered in Domain 3 of the CISSP common body of knowledge (CBK). There is often some confusion...
This past summer, I worked as an intern for Secure Ideas. My role at the company was that of software developer, designing applications to streamline...
I know I definitely identify with being a visual learner, and I am happy to help where I can with creating content for the security/sysadmin (system...
Today we’re going to take a quick look at hashing functions, as covered in Domain 3 of the CISSP common body of knowledge (CBK). There is often some...
Secure Ideas has been in the business for 10 years and over the last ten years we have found that everyone learns differently. There is no set way...
As a company that is constantly working with our penetration testing clients on understanding where they should focus their efforts, qualifying risk...
This is easy to fix. All we need to do is tell our browser that the Burp CA can be trusted. Because every new installation of Burp generates a...
“The definition of insanity is doing the same thing over and over again and expecting different results.” – Einstein (Well, not really!) Every day we...
I am fond of meal kits. I enjoy the entire experience: the scrolling through delicious-looking meal descriptions, the excitement of receiving a...
The first step in securing any organization is to understand what you have. Unless you have a strong understanding of the systems and services on...
In our blog series on Better API Penetration Testing with Postman we discussed using Postman as the client for testing RESTful service APIs. Insomnia...
When an organization has a breach, you would like to imagine that the attacker crafted a new exploit, leveraging a zero-day vulnerability that no one...
Whether you’re an administrator, pentester, devop engineer, programmer, or some other IT person, chances are that you’ve heard of Kubernetes (k8s)....
Every so often, podcasts and such will invite me to speak on a variety of topics. And this week, I was very excited to join @cktricky and @sethlaw on...
This is the story from one of our recent penetration testing engagements. Still, the story is a familiar one for those who are testing newer web...
We at Secure Ideas love security education. What we enjoy even more is affordable security education. So we decided to start a Professionally Evil...
With Google’s recent announcement that all cookies without a SameSite flag will be treated as having SameSite=Lax set by default in Chrome version...
We have written a lot over the past year and beyond, and we wanted to provide you with our Top 10 lists! Take a look and gain some new knowledge for...
When a client calls us to pentest a web application that is only available in Internet Explorer, I cringe. I don’t know if it’s flashbacks from the...
TL;DR – This is a free tool that helps solve one of the biggest security problems when working in AWS. Turn it on. Turn it on now! Instructions are...
I love tinkering with home automation and security solutions. The simplicity of turning on a light bulb with a voice command makes me giddy, and I...
If you needed yet another reason to be paranoid about your personal information being exposed, the recent Capital One breach should be sufficient...
A little while back, I was talking with a friend of mine about the different services that Secure Ideas offered, and one of the topics that came up...
This is the first in a series of blog posts on my journey through video game hacking and security. I plan to go through any aspect of this domain...
[Note: There is an updated version of this article] When dealing with cyber vulnerabilities, there are lots of threats that are unknown and ever...
This is the final part of this series on putting together a better API testing tool-chain. In Part 1, I covered a basic introduction to Postman and...
There are those rare times during pen tests, when you are on a client’s network and you don’t have any valid domain credentials but you do have local...
In my last blog I talked about Command Injection and OS Injection OWASP’s Most Wanted, and will now discuss SQL Injection. So as before, I will be...
After nine tutorials, sixteen posts on stack overflow, and several hours or workweeks of effort you’ve finally done it. You’ve finally got something...
The Information Security market brought in an estimated $167 billion in 2019 and that’s expected to double in the next 4-5 years according to some...
When I was thinking of topics to write about, the idea of protecting the data we work with came to mind. There’s always some sort of data that we...
Now that we understand what the goal is from my first blog post, we can...
Perhaps you have heard of quantum key distribution, or perhaps you are curious as to what quantum computers with sufficient qubits and quantum error...
We are excited to announce the launch of the new Secure Ideas website. It is located at the same url: https://www.secureideas.com. We hope you like...
When you look at “security” and the big picture, it always seems to come down to the decisions made by the Chief Security Officer (CSO) and Chief...
In Part 1 of this series, we got started with Postman and generally creating collections and requests. In Part 2, we set Postman to proxy through...
Earlier this week, Secure Ideas sent an initial notification regarding an incident targeting us that took place at a vendor. The initial notification...
In Part 1 of this series, I walked through an introduction to Postman, a popular tool for API developers that makes it easier to test API calls. We...
The configuration of web and application servers is a very important aspect of web applications. Often times, failure to manage proper configurations...
This is the first of a multi-part series on testing with Postman. I originally planned for it to be one post, but it ended up being so much content...
Update: As of March 2021, I’d recommend using Android Virtual Devices over Chromebooks. Chromebooks still work (in many cases) but the AVDs are much...
So you ask who is this OWASP and why do I care? Well, let’s hear it directly from them: “Open Web Application Security Project (OWASP) is a...
We often get contacted by small businesses requesting their first penetration test because of compliance reasons, or because of “industry best...
Organizations of all sizes and industries face increasing challenges in safeguarding vast amounts of sensitive data, with Health Care being no...
Secure Ideas is currently working on a revamp and redesign of our website and client portal, to promote a better user experience for our clients....
Cracking WPA Pre Shared Keys: This is intended to be part 2 of a previous blog (Intro to Wireless Security), which was designed to introduce people to...
This is the third and final part in this three-part series, Three C-Words of Web Application Security. I wrote a sort of prologue back in April,...
If you have a brand new piece of software, a program, a network, or an operating system, you will want to test it for any bugs, coding errors or...
In 2019 Secure Ideas is dedicated to offering affordable security training to everyone. This concept has been one of our core goals and passions...
What’s Physical Security? Ok, I’m just going to say it, I’m a physical security guy in an IT security world. So why physical security for IT? Easy,...
In the cyber security world, there are a number of vulnerabilities to be aware of. Today we’re going to look at a specific one: Stored Cross-Site...
As we put the finishing touches on another tremendous year, and look toward the New Year, we at Secure Ideas wanted to take a moment to reflect upon...
Sometimes as a pentester you find yourself in tricky situations. Depending on the engagement, you might want to avoid making a lot of noise on the...
For all the money spent on expensive software solutions and expert consultation, an organization is still at a tremendous risk if it is not...
This series of daily mini-posts, running from December 12, 2018 to December 24, 2018, is intended to provide cross-site scripting (XSS) related tips....
ISC2 describes the CISSP as a way to prove “you have what it takes to effectively design, implement and manage a best-in-class cybersecurity...
We all get older, and technology is always changing. With changes in technologies, we are continually faced with new ways we perform tasks in our...
Most people know that taking care of your personal health is important. We get regular check ups and try to keep ourselves as healthy and free of...
Many folks get confused about the difference between security and compliance. Many, especially those less technically inclined, assume that...
Over the last eight years, one of the main focuses of Secure Ideas has been education. One responsibility we take very seriously is that of growing...
As we enter the busiest time of year for us (both personally and professionally) we wanted to take a moment and reflect on where we are and why that...
Some of the Secure Ideas team headed down to the “Big Easy” last month for (ISC)2’s 2018 Security Congress, and it was a BIG hit. From the various...
This is the second in a three-part series, Three C-Words of Web Application Security. I wrote a sort of prologue back in April, called A Brief...
In February of this year, Mic posted a blog discussing the future of SamuraiWTF. (You can go read it here if you don’t remember). As we discussed...
Firefox is one chatty browser! Even if you don’t actually use it for anything, it’s constantly making requests out to the internet for things like...
As an account manager in the world of security, I am constantly confronted with questions surrounding PCI compliance and the challenges organizations...
The Internet was built to be a platform to share information remotely. Since it was created, sharing everything about ourselves and others has...
If you are reading this, then you are becoming a cybersecurity geek, or you already are one and you just can’t get enough. You wake up at four in...
Part 2: /2019/05/automating-red-team-homelabs-part-2-build-pentest-destroy-and-repeat.html Homelab infrastructure got you down? Well, not anymore!...
Have you ever gotten a strange text message on your phone that you don’t recognize? Well, be careful because you don’t have to use a computer to be...
-Preventive Security for You- As you go through everyday life, how do you think about your own security? Are you the type of person that may...
The use of mobile devices is steadily growing. With this increase comes the need for the users to learn how to safely operate their devices. Just...
Introduction to Wireless Security with Aircrack-ng: Today we’re going to walk through a few WiFi testing examples using Aircrack-ng, which is a...
This post is part 2 of a series of blog posts on container hacking. If you haven’t read the part1, you should check it out. Today I’m going to tell...
I have been involved in IT and security in one way or another for almost 30 years. I have worked full time for organizations and consulted in a wide...
Strong passwords are an important part of maintaining accounts and of any organization’s security infrastructure. They are the first line of defense...
Hello everyone! I put together a list of things to help me keep my PCI testing on track, not to mention just as a guideline to start discussions...
For those less versed in web applications and how they’ve evolved, I wrote a sort of prologue to this post back in April 2018, titled A Brief...
Often, one of the main goals of a pen tester is to get Domain Admin (DA) rights in a client’s Windows network. But why do we want to get that level...
Welcome to the 5th blog on Burp Suite, and Happy 4th of July! Please visit Secure Ideas’ previous blogs on using Burp Suite at the following links:...
Ethical hacking uses the principles and techniques of hackers to help businesses protect their infrastructure and information (You could also say it...
I’ve got four kids and part of their chores involve cleaning up their bedrooms. Inevitably, their understanding of “clean enough” never quite matches...
We have all seen the alert that “updates are available,” or “software update needed.” How often have we just clicked “cancel” because it pops up at...
The “Human Sensor” Continuum: How people can counteract suspicious activity and crime in the workplace. As a security professional for over 20 years...
Most companies have logs that are generated daily, but not all companies think to review these or know the importance of them. Log reviews are an...
In this blog post, I won’t spend too much time explaining what Docker is and is not. You can do some research on your own if you want to learn more...
The Internet’s importance to businesses of all sizes and across all industries is indisputable. Beyond optimizing efficiency internally, the...
In today’s technologically driven society, more and more criminals have turned to cyber crime as a means to steal information and intrude on other...
Author’s Note: This was actually meant to be the first part of a series called Three C-Words of Web App Security, dealing with CORS, CSRF, and...
Being a pen tester is a cool job, we get to break into companies (with permission), steal stuff, and then tell them how we did it. Many testers focus...
Time is never on your side when you’re onsite with a client and trying to get the first good foothold, with admin privileges, can seem impossible....
Welcome to the fourth blog introducing and exploring the features of Burp Suite. Please visit Secure Ideas’ previous blogs on using Burp Suite at the...
For the longest time, I was in my own echo chamber, where everyone knew basic user security and all we discussed were the finer details of...
“You don’t need to see his identification.” It’s a classic line. With a flick of the wrist old Ben Kenobi deftly bypasses the identity & access...
Healthcare organizations are a prime target for many malicious individuals and organizations in the information age. Identity thieves, blackmailers,...
Are you a developer who wants to better understand web application security? Are you a security practitioner who needs to delve into web app...
Samurai Web Testing Framework, if you’re not familiar with it, it’s a Linux environment that is primarily now used for teaching web application...
UPDATE: Updated the done steps below. Also changed the links from S3 to Git. Since our founding in 2010 Secure Ideas has always tried to focus on...
In the cloud-based economy, businesses of every size are hiring remote employees. Remote employees may decrease their capital costs, free the...
Every computer owner has had the heart-stopping moment where a popup comes up and says that your computer has been infected. Most people know that...
The full disclosure debate has raged over the years again and again. While I am sure that many people are tired of hearing about it, sometimes...
The Equifax breach, announced in September 2017, is said to potentially impact some 143 million Americans. At this point in time Equifax has not...
The WiFi Pineapple Tetra is a wireless auditing tool from Hak5 that simplifies and automates the process of performing many wireless attacks.
It is day three of a five-day penetration test engagement and we still don’t have all the information we need to proceed with the test. This...
Ransomware Intelligence Briefing: Media reporting on the WannaCry ransomware campaign has contained exaggeration, bad information, and fear tactics....
“The greatest gifts you can give your children are the roots of responsibility and the wings of independence.” — Denis Waitley As information...
One of the hassles of the Yahoo! breach was clearly the coming-home-to-roost quality of the mega-stupid 90’s era “something about you” secret...
Imagine going in to do an incident response at a fairly large customer that has no visibility within their firewalls, no intrusion detection, no...
I recently got the opportunity to speak at B-Sides Charleston on cross-site scripting (XSS) payload development. For me, this was a really enjoyable...
FOR IMMEDIATE RELEASE: Statement by Secure Ideas Response Team Director Nick Selby on the Report Issued Today by Security Consultancy Bishop Fox...
During a recent conversation at DerbyCon it occurred to me that some security folks who are just dipping their toes into AWS are struggling a lot...
BeEF, the Browser Exploitation Framework, is a testing tool that allows the penetration tester to look past hardened network perimeter and client...
As a consultant for Secure Ideas there are many tools I use often in my daily tasks. One of the many great tools I use in web application testing is...
We all recognize clickbait when we see it. And yet thousands still click on the links. In today’s world of social media and ad-funded news, a range...
Testing web based applications is not only fun but is often multi-faceted and challenging. Often times a web front end will have places for data...
2016 is shaping up to be an interesting and exciting time at Secure Ideas. We have always done training in one form or another. Many of you may have...
Is your corporate wifi as secure as you think it is? A common configuration for WPA Enterprise wireless networks is to use a combination of PEAP...
One of my favorite ways to eat Oreo cookies is to twist the two halves apart, carefully set the filling aside, eat both chocolate halves, and then...
Are you interested in knowing which vulnerabilities are the most commonly discovered in penetration tests? How about which industries are doing the...
While working on a recent pen test, I came across a few Cisco routers sitting on an internal network. The fact that they were using default...
During penetration tests, and especially scoping calls, we often get quizzed about what secret, proprietary techniques we’ll use to gain access to...
Lately, I’ve been doing a lot of reading on some less technical topics and I ran across “Red Team: How to Succeed By Thinking Like the Enemy”...
The Security Industry as a whole has been known to criticize businesses large and small with respect to how they manage security. Why does it so...
The Metasploit Framework is a key resource for security assessors. Whether your goal is to become a commercial penetration tester, to demonstrate...
This one is for you web penetration testers! This new Burp extension is designed to help with efficiency when you are testing a complex application...
The PCI Security Standards Council released a Penetration Testing Guidance information supplement in March 2015. This document, while geared towards...
Here’s a quick tip I use to save some time when spinning up Burp Suite on a Mac. I use Burp Suite frequently enough that having an icon on my task...
We are really excited to announce that SamuraiWTF 3.2 is now available publicly. This release is available at...
When was the last time you downloaded a binary file from the Internet or grabbed one off of a network share that is used by your organization to...
Burp BS… where the “BS” stands for BeanShell. “What on earth is BeanShell?” you may ask? BeanShell is a very old Java library that was designed to...
When the first data breach investigations report was released by Verizon in 2008, I remember thinking how awesome it was to get some actual data...
First things first: What is Splunk and why do I want or need it? The short answer is Splunk is a data analytics tool that indexes system logs...
MobiSec has undergone a major reconstruction and version 2.0 (actually 2.0.1) is now available for download on SourceForge. The popular mobile...
On January 31st, Deusen disclosed what was described as a Same Origin Policy Bypass flaw called “Universal XSS (U-XSS)” in IE 9 through 11 on Full...
For those who have asked – my slide deck for Anatomy of Web Client Attacks can be downloaded here. Jason Gillam is a Senior Security Consultant with...
Every pen tester looks forward to that next encounter that includes one of those uncommon vulnerabilities that ultimately result in an exciting...
Secure Ideas is very excited to announce their training event for April. We have worked with the Core Group and TrustedSec to create an event that...
Start 2015 right with a free web session to learn all about the Burp CO2 plugin! This training is scheduled for Thursday, January 8th, 2015 at 2pm...
We are really excited to announce that SamuraiWTF 3.0 is now available publicly. (We did a previous release but found some issues and so that was...
There have been a number of updates to the Burp CO2 extension suite over the past couple of months but the most exciting one is the addition of...
It is that time of year and we need to be ready for the fraudsters to be out in full effect. The holidays are approaching and it is a time for joy...
We have decided to try something new here at Secure Ideas. We have a long history (as long as the company actually) of doing webcasts and...
SQLite is an embedded, open-source, lightweight SQL database engine. The C based library is transactional, self-contained, and highly compact. It’s...
During a physical penetration test, it is not uncommon for the tester (attacker) to drop usb thumb drives out in the parking lot or someplace within...
I recently noticed an uptake on Cross-Origin Resource Sharing (CORS) findings showing up in automated scanning tools, which would not have been a...
Secure Ideas is excited to announce the latest class in our Professionally Evil Course series: Ride Along Penetration Testing. This course will be...
Secure Ideas prides itself on providing the highest level of service to our customers. We are tirelessly searching for new tools, and methods to use...
One of the first concerns with protecting a network is stopping outsiders from being able to enter into the internal network. Of course, this does...
Turn on any news outlet or visit any news site and you will most likely see an announcement of yet another data breach. On the DTR podcast we...
In today’s world, something never seems to be true unless it is written down, and even then it is a guideline. In the business world there are...