Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Flipper Zero: A Hardware Hacking Multitool Webcast
    The Flipper Zero is known as a hacking multitool. It can cover a range of hacking from sub-ghz radios, to NFC and door tags, USB attacks, and hardware attacks. Back in August, we did a webcast that provided a high level overview of what Flipper Zero can do. It was more of a sampler of rapid-fire ...
    Continue Reading

    Never miss a Professionally Evil update!

    Hardware Hacking: Interfacing to UART with Your Computer
    hacking  |  hardware  |  UART
    In my previous article, we covered identification and mapping of the UART interface. In that ...
    Continue Reading
    Hardware Hacking: Finding UART Pinouts on PCBs
    hacking  |  hardware  |  UART
    In my previous article, we started to explore the Universal Asynchronous Receiver/Transmitter ...
    Continue Reading
    Hardware Hacking: Introduction to the UART Interface
    hacking  |  IoT  |  hardware  |  UART
    I wanted to provide some information about hardware and firmware hacking in our blogs. To get the ...
    Continue Reading
    NMAP NSE Scripting By Example: Wordpress Version Detection
    NMAP  |  version  |  NSE  |  Detection  |  WordPress
    In my last blog post, I gave a high-level introduction to the Nmap Scripting Engine (NSE). In this ...
    Continue Reading
    Introduction to Writing Nmap Scripting Engine (NSE) Scripts
    NMAP  |  programming  |  NSE
    One thing I notice a lot of people are missing in their skill set as security professionals is the ...
    Continue Reading
    How to Obfuscate Strings in Rust the Easy Way Using the litcrypt Crate
    application security  |  programming  |  rust  |  Obfuscate  |  litcrypt
    Overview Static strings in a binary can make the life easier for reverse engineers, be those ...
    Continue Reading
    Privilege Escalation via File Descriptors in Privileged Binaries
    Today I wanted to cover an application security topic that applies to SetUID binaries. As we all ...
    Continue Reading
    How to Update the Nmap OUI Database
    network  |  professionally evil  |  Secure Ideas  |  NMAP  |  Linux  |  IEEE  |  OUI  |  nmap-mac-prefixes
    Overview In a previous blog post, I covered what an OUI is, how to extract them from a MAC address, ...
    Continue Reading
    Of MAC Addresses and OUI: A Subtle, but Useful, Recon Resource
    network  |  professionally evil  |  Secure Ideas  |  MAC Address  |  IEEE  |  OUI  |  PENT
    When it comes to reconnaissance, every little bit of information can be helpful. Today, we will ...
    Continue Reading
    LD_PRELOAD: Making a Backdoor by Hijacking accept()
    application security  |  professionally evil  |  Secure Ideas  |  LD_PRELOAD  |  accept  |  dup2  |  make  |  Linux  |  programming  |  Shared Objects  |  dlsym  |  shell  |  backdoor  |  rootkit  |  userland  |  ELF  |  inject  |  injection
    Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...
    Continue Reading
    How to Create Custom Probes For NMAP Service/Version Detection
    network  |  hacking  |  cybersecurity  |  pentesting  |  scanning  |  NMAP  |  version  |  service  |  probe  |  ports  |  match  |  chrome  |  debugging  |  nmap-service-probes  |  softmatch  |  rarity  |  directive  |  remote
    Overview NMAP is a fantastic tool for performing initial reconnaissance and enumeration. A simple ...
    Continue Reading