Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Understanding Server-Side Template Injection (SSTI)
Testing | Training | QA | web penetration testing | penetration testing | application security | OWASP | web application security | methodology | OWASP Top 10
Web applications play a vital role in delivering dynamic content to users. To achieve this, developers often utilize server-side templates, which provide a powerful and consistent way to generate dynamic web pages. However, along with this power comes the risk of Server-Side Template Injection ...
Introducing SamuraiWTF 5.3: A Powerhouse for Web App Pen Testing
Testing | Training | samuraiWTF | web penetration testing | application security | professionally evil | Secure Ideas | hacking | OWASP | Project
We are thrilled to announce the release of SamuraiWTF (Web Training Framework) version 5.3! This ...
Einstein Told Us: Why User Awareness is NOT the right focus
“The definition of insanity is doing the same thing over and over again and expecting different ...
How I Became a Security Consultant: AbsoluteAppsec Interview
Every so often, podcasts and such will invite me to speak on a variety of topics. And this week, I ...
Building Blocks: Professionally Evil Fundamentals Series
We at Secure Ideas love security education. What we enjoy even more is affordable security ...
We take security seriously and other trite statements
Earlier this week, Secure Ideas sent an initial notification regarding an incident targeting us ...
#AffordableTraining requires change
In 2019 Secure Ideas is dedicated to offering affordable security training to everyone. This ...
Professionally Evil CISSP Certification: Breaking the Bootcamp Model
(ISC)² describes the CISSP as a way to prove “you have what it takes to effectively design, ...
Spring Break without Breaking the Bank: Hands On Training
Over the last eight years, one of the main focuses of Secure Ideas has been education. One ...
Happy Thanksgiving from Secure Ideas
As we enter the busiest time of year for us (both personally and professionally) we wanted to take ...
SamuraiWTF 4.0 Finally Released
In February of this year, Mic posted a blog discussing the future of SamuraiWTF (link provided if ...
Finding Your Weakness: Triaging Your Domains with SWAT
I have been involved in IT and security in one way or another for almost 30 years. I have worked ...