Professionally Evil Insights

DerbyCon Wrap Up

It's a wrap!  DerbyCon has ended for the Secure Ideas crew and we are all headed home.  While a few team members are flying out, the rest of us are...

DerbyCon Bound

So the Secure Ideas staff is pretty excited to be headed to DerbyCon even though Jason is the only one smart enough to fly there. (James, Kevin, Tony...

Testing

ViewState XSS: What's the Deal?

As penetration testers, there are many different technologies that we have to be familiar with.  The more we know and understand about a given...

security

SamuraiWTF 2.0? What happened to 1.0?

So the SamuraiWTF project has released the first few release candidates for the formal 2.0 release.  Since the previously available version was...

incident response

Security Onion @ UTOSC 2012

Shortly before joining Secure Ideas, I spoke on Security Onion and Network Security Monitoring (NSM) at the Utah Open Source Conference 2012.  The...

developers

How to Setup RatProxy on Windows

In an effort to help developers and other Windows users get started adding security testing into their process, this post will describe the process...

How to Setup SSH on MobiSec

For most testers, MobiSec will be installed on a VM running on their testing machine; however, I recently came across the need to run MobiSec on an...

Gone Phishing

Many organizations do not include phishing in their annual penetration tests, as they believe that most phishing emails will be stopped by their...

How to install BeEF on Ubuntu 10.04 LTS

The Browser Exploitation Framework (BeEF) is a wonderful tool to have in your pen test arsenal. The latest version of the framework is written in...

darpa

MobiSec Live Environment DARPA Project

Mobile devices have become the most common computer technology available today, as indicated in a recent report from the CTIA stating that the United...

Life keeps going on....

Wow, I can’t believe it has been this long since my last post. Quite a bit is going on around here. Sarah was born and I am teaching SANS classes...