Professionally Evil Toolkit - Recon-ng
The first stage of almost every successful penetration test is the reconnaissance phase. During ...
Continue Reading
Who are we: Jason Gillam
In this series of posts we are introducing staff members at Secure Ideas to give you a quick ...
Continue Reading
Web App Pre-Flight
I think that it is because of my background in software development that I am passionate about ...
Continue Reading
Security Tubthumping
I have a friend who is an alcoholic. A few weeks ago after 5 years of sobriety, she stumbled and ...
Continue Reading
Professionally Evil: Self Inflicted Injury at Vendor's Request
It’s an unfortunate and still too common a vulnerability to find administrative interfaces exposed ...
Continue Reading
SIAM: Custom Testing Machines
Secure Ideas recently made the decision to create custom machines that we could use for penetration ...
Continue Reading
We Can't Rely on the Browser for Protection
A large part of doing security consulting is providing proper mitigations and recommendations to ...
Continue Reading
Industry Issues: New Vulnerabilities and Marketing Problems
As a consultant, I spend a lot of my time working with organizations and staff to help them improve ...
Continue Reading
Comparing Authorization Levels with Burp's Compare Site Map feature
Burp Suite from Portswigger.net is a fantastic web app testing tool that we use regularly at Secure ...
Continue Reading
Burp Extension for F5 Cookie Detection
This past February, my fellow colleague James Jardine wrote an excellent blog post called “Decoding ...
Continue Reading
Defending Against Pass-the-Hash (PtH) Attacks
Pass-the-Hash (PtH) attacks have become probably the most common form of credential attacks used in ...
Continue Reading