Professionally Evil Insights
Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.
Welcome aboard!
Step Into the Shadows: The Haunting of the Dark Web
Ready to venture into the unseen corners of the internet? Join us for a Halloween webcast, "The Haunting of the Dark Web," on October 24th at 2:00 PM ET. Join our Resident (professionally) Evil hackers Aaron Moss and Kathy Collins as they guide you through the eerie world of the dark web. Designed ...
Continue Reading
Never miss a Professionally Evil update!
Automating UART Command Injection with the Flipper Zero and JavaScript
Overview The Flipper Zero recently came out with a JavaScript system built off of MJS that exposes ...
Continue Reading
What’s new in the OWASP Proactive Controls for 2024
I have taught a number of application security classes to developers. When it comes to ...
Continue Reading
Many Hands Approach To AppSec
"If you want to frustrate a good developer, interfere with their ability to complete work." - ...
Continue Reading
The CISO's Myopia
Fifteen years ago, I wrote an article entitled "The CSO’s Myopia." At the time, I aimed to ...
Continue Reading
Kubernetes Pentesting: The Hacker’s Harvest
Are you ready to dive into the world of Kubernetes pentesting? Join us for our upcoming webcast, ...
Continue Reading
From Code to Cloud: Strengthening IaC Security with SAST
Infrastructure as Code (IaC) is a cornerstone in modern DevOps and DevSecOps practices, but how do ...
Continue Reading
NMAP in Action: API's
In a recent blog post, my coworker Josh introduced the fundamentals of NMAP and highlighted its ...
Continue Reading
Tartar Sauce for your Phishing Program
Phishing awareness exercises have become a common part of the larger security strategy for many ...
Continue Reading
From Linux to PowerShell and Back: A Quick Command Reference
Quick Overview If you are like me, you are switching back and forth between Linux and Windows ...
Continue Reading
Flipper Zero: Hardware Hacking JTAG and SWD Webcast
The Flipper Zero is known as a hacking multitool. It can cover a range of hacking from sub-ghz ...
Continue Reading
The Client-Side Security Trap: A Warning For Developers
application security |
SDLC |
framework |
Secure Development |
Software Development |
Secure Coding Practices |
client-side Security |
Content Security Policy |
Lifecycle |
Front-End Security
Considering the inherent complexities of modern web development, understanding the distinct roles ...
Continue Reading