Professionally Evil Insights

Posts


WinPhone 7: Fiddler Setup

One of the many tasks on any penetration tester’s to-do list is to set up a web proxy for debugging applications.  Doing this for the normal browser...


Finding the Leaks

One of the common vulnerabilities we find when performing internal network penetration testing is sensitive data on open SMB file shares.  Now, by...


Spear Phishing: "You guys are Shady!"

This post is part of our Professionally Evil series of posts that discuss some of the experiences we have had as Security Consultants.  In Kevin’s...


Happy New Years!

As we finish 2012 and look forward to 2013, Secure Ideas’ staff would like to wish everyone a happy new year.  We also thought it would be fun to do...


Don’t Trust the Replacement Delivery Guy

Here at Secure Ideas we have had a ton of fun experiences during our work. When we teach or present, people often ask us to talk about the things we...


Grey Box Penetration Testing

A common question I get from potential clients is “what is grey box testing and why do we need it?”  I believe this often stems from the request for...


SH5ARK: Taking a Byte out of HTML5

The new features in HTML5 have opened a whole new world of opportunities for developers and for attackers.  Secure Ideas recognized this and with...


How To: Encrypting Mac Mail

As a security consultant, frequently traveling, it is critical to implement security controls to protect sensitive data on my computer.  One of the...


DerbyCon Wrap Up

It's a wrap!  DerbyCon has ended for the Secure Ideas crew and we are all headed home.  While a few team members are flying out, the rest of us are...


DerbyCon Bound

So the Secure Ideas staff is pretty excited to be headed to DerbyCon even though Jason is the only one smart enough to fly there. (James, Kevin, Tony...