Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Brute Forcing the Change Password Feature
As a penetration tester, brute force attacks are something I test for on every application. ...
Learn more
Who are We: James Jardine
To continue on with the series of “who we are” here at secure ideas, here is the second profile ...
Learn more
Mobile Security: Upcoming Events
Mobile security is a very hot topic and there are some pretty cool events just around the ...
Learn more
GSA Database May Have Leaked Information: Kevin Johnson was Interviewed
Recently it was announced that there was a security flaw found in one of the GSA systems that ...
Learn more
Podcast Show Notes: Why are Passwords so Difficult
Kevin and James just finished up recording episode 2 of the Professionally Evil Perspective ...
Learn more
The Watering Hole: Is it Safe to Drink?
How many times have you been told you have a vulnerability that you just don’t understand its ...
Learn more

Admin Consoles, Default Creds, and Sweet Pwnage
When performing internal network penetration tests, one thing that really gets us excited is ...
Learn more
Ninja Developers Webcast Trilogy Overview
Over the past three months, James Jardine and Kevin Johnson were featured in a webcast trilogy ...
Learn more

Decoding F5 Cookie
As a Penetration Tester, there are many different things you come across while performing a test. ...
Learn more

Grab a CORS Light
Many of you already know that any cross-site HTTP requests invoked from scripts running within a ...
Learn more

Laudanum by Example: Shell
Previously, I wrote a post providing a brief introduction to Laudanum. If you haven’t read it, or ...
Learn more

Introduction to Laudanum
As a security consultant, there are so many scenarios that I run into every day that there is no ...
Learn more