Client Portal
Contact Us

Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Featured Image
    Understanding Server-Side Template Injection (SSTI)
    Testing |  Training |  QA |  web penetration testing |  penetration testing |  application security |  OWASP |  web application security |  methodology |  OWASP Top 10
    Web applications play a vital role in delivering dynamic content to users. To achieve this, developers often utilize server-side templates, which provide a powerful and consistent way to generate dynamic web pages. However, along with this power comes the risk of Server-Side Template Injection ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    Introducing SamuraiWTF 5.3: A Powerhouse for Web App Pen Testing
    Introducing SamuraiWTF 5.3: A Powerhouse for Web App Pen Testing
    Testing  |  Training  |  samuraiWTF  |  web penetration testing  |  application security  |  professionally evil  |  Secure Ideas  |  hacking  |  OWASP  |  Project
    We are thrilled to announce the release of SamuraiWTF (Web Training Framework) version 5.3! This ...
    Continue Reading
    Einstein Told Us: Why User Awareness is NOT the right focus
    Einstein Told Us: Why User Awareness is NOT the right focus
      “The definition of insanity is doing the same thing over and over again and expecting different ...
    Continue Reading
    How I Became a Security Consultant: AbsoluteAppsec Interview
    How I Became a Security Consultant: AbsoluteAppsec Interview
    Every so often, podcasts and such will invite me to speak on a variety of topics. And this week, I ...
    Continue Reading
    Building Blocks: Professionally Evil Fundamentals Series
    Building Blocks: Professionally Evil Fundamentals Series
    We at Secure Ideas love security education. What we enjoy even more is affordable security ...
    Continue Reading
    We take security seriously and other trite statements
    We take security seriously and other trite statements
    Earlier this week, Secure Ideas sent an initial notification regarding an incident targeting us ...
    Continue Reading
    #AffordableTraining requires change
    #AffordableTraining requires change
      In 2019 Secure Ideas is dedicated to offering affordable security training to everyone. This ...
    Continue Reading
    Professionally Evil CISSP Certification: Breaking the Bootcamp Model
    Professionally Evil CISSP Certification: Breaking the Bootcamp Model
    ISC 2 describes the CISSP as a way to prove “ you have what it takes to effectively design, ...
    Continue Reading
    Spring Break without Breaking the Bank: Hands On Training
    Spring Break without Breaking the Bank: Hands On Training
    Over the last eight years, one of the main focuses of Secure Ideas has been education.  One ...
    Continue Reading
    Happy Thanksgiving from Secure Ideas
    Happy Thanksgiving from Secure Ideas
    As we enter the busiest time of year for us (both personally and professionally) we wanted to take ...
    Continue Reading
    SamuraiWTF 4.0 Finally Released
    SamuraiWTF 4.0 Finally Released
    In February of this year, Mic posted a blog discussing the future of SamuraiWTF (link provided if ...
    Continue Reading
    Finding Your Weakness: Triaging Your Domains with SWAT
    Finding Your Weakness: Triaging Your Domains with SWAT
      I have been involved in IT and security in one way or another for almost 30 years.  I have worked ...
    Continue Reading
    1 2 3 4 5