Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.

NMAP | programming | NSE
Introduction to Writing Nmap Scripting Engine (NSE) Scripts
One thing I notice a lot of people are missing in their skill set as security professionals is the ...
How to Obfuscate Strings in Rust the Easy Way Using the litcrypt Crate
Overview: Static strings in a binary can make life easier for reverse engineers, be those ...
application security | professionally evil | Secure Ideas | Linux | programming | File Descriptors | SetUID | Privilege Escalation
Privilege Escalation via File Descriptors in Privileged Binaries
Today I wanted to cover an application security topic that applies to SetUID binaries. As we ...
network | professionally evil | Secure Ideas | NMAP | Linux | IEEE | OUI | nmap-mac-prefixes
How to Update the Nmap OUI Database
Overview: In a previous blog post, I covered what an OUI is, how to extract them from a MAC ...
network | professionally evil | Secure Ideas | MAC Address | IEEE | OUI | PENT
Of MAC Addresses and OUI: A Subtle, but Useful, Recon Resource
When it comes to reconnaissance, every little bit of information can be helpful. Today, we ...
application security | professionally evil | Secure Ideas | LD_PRELOAD | accept | dup2 | make | Linux | programming | Shared Objects | dlsym | shell | backdoor | rootkit | userland | ELF | inject | injection
LD_PRELOAD: Making a Backdoor by Hijacking accept()
Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...

network | hacking | cybersecurity | pentesting | scanning | NMAP | version | service | probe | ports | match | chrome | debugging | nmap-service-probes | softmatch | rarity | directive | remote
How to Create Custom Probes For NMAP Service/Version Detection
Overview: NMAP is a fantastic tool for performing initial reconnaissance and enumeration. A simple ...

Linux X86 Assembly - How To Test Custom Shellcode Using a C Payload Tester
Overview: In the last blog post in this series, we created a tool to make it easy to build our ...

Linux X86 Assembly - How To Make Payload Extraction Easier
Overview: In the last blog post of the X86 Linux assembly series, we focused on how to make our ...

Linux X86 Assembly - How to Make Our Hello World Usable as an Exploit Payload
Overview: In the last two tutorials, we built a Hello World program in NASM and GAS for x86 ...

Linux X86 Assembly - How to Build a Hello World Program in GAS
Overview: In the last tutorial, we covered how to build a 32-bit x86 Hello World program in NASM. ...

Linux X86 Assembly - How to Build a Hello World Program in NASM
Overview: A processor understands bytecode instructions specific to that architecture. We as humans ...