Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Introduction to Writing Nmap Scripting Engine (NSE) Scripts
One thing I notice a lot of people are missing in their skill set as security professionals is the ability to write NSE scripts for Nmap. This skill isn’t too hard to learn and by not learning it, you are leaving a lot of value on the table. I feel like the issue though is that there isn’t a lot ...
Privilege Escalation via File Descriptors in Privileged Binaries
Today I wanted to cover an application security topic that applies to SetUID binaries. As we ...
application security | professionally evil | Secure Ideas | LD_PRELOAD | accept | dup2 | make | Linux | programming | Shared Objects | dlsym | shell | backdoor | rootkit | userland | ELF | inject | injection
LD_PRELOAD: Making a Backdoor by Hijacking accept()
Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...

How to Create Custom Probes For NMAP Service/Version Detection
Overview: NMAP is a fantastic tool for performing initial reconnaissance and enumeration. A simple ...

Linux X86 Assembly - How To Make Payload Extraction Easier
Overview: In the last blog post of the X86 Linux assembly series, we focused on how to make our ...

Linux X86 Assembly - How to Build a Hello World Program in GAS
Overview: In the last tutorial, we covered how to build a 32-bit x86 Hello World program in NASM. ...

Linux X86 Assembly - How to Build a Hello World Program in NASM
Overview: A processor understands bytecode instructions specific to that architecture. We as humans ...