Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Brute Forcing the Change Password Feature
      As a penetration tester, brute force attacks are something I test for on every application.  ...
    Who are We: James Jardine
      To continue on with the series of “who we are” here at Secure Ideas, here is the second profile ...
    Mobile Security: Upcoming Events
      Mobile security is a very hot topic and there are some pretty cool events just around the ...
    GSA Database May Have Leaked Information: Kevin Johnson was Interviewed
      Recently it was announced that there was a security flaw found in one of the GSA systems that ...
    Podcast Show Notes: Why are Passwords so Difficult
      Kevin and James just finished up recording episode 2 of the Professionally Evil Perspective ...
    The Watering Hole: Is it Safe to Drink?
    How many times have you been told you have a vulnerability that you just don’t understand its ...
    Admin Consoles, Default Creds, and Sweet Pwnage
    When performing internal network penetration tests, one thing that really gets us excited is ...
    Ninja Developers Webcast Trilogy Overview
      Over the past three months, James Jardine and Kevin Johnson were featured in a webcast trilogy ...
    Decoding F5 Cookie
    As a Penetration Tester, there are many different things you come across while performing a test.   ...
    Grab a CORS Light
    Many of you already know that any cross-site HTTP requests invoked from scripts running within a ...
    Laudanum by Example: Shell
    Previously, I wrote a post providing a brief introduction to Laudanum.  If you haven’t read it, or ...
    Introduction to Laudanum
    As a security consultant, there are so many scenarios that I run into every day that there is no ...