Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Ninja Developers Webcast Trilogy Overview
      Over the past three months, James Jardine and Kevin Johnson were featured in a webcast trilogy ...
    Continue Reading
    Professionally Evil Perspective Podcast released
    We just wanted to put together this quick post to let everyone know that the Professionally Evil ...
    Continue Reading
    Decoding F5 Cookie
    As a Penetration Tester, there are many different things you come across while performing a test.   ...
    Continue Reading
    Introduction to MobiSec video
    We just wanted to post a quick update to let you know about a new video.  Kevin (working with ...
    Continue Reading
    Reading the Mandiant APT1 Report
    Like a lot of folks, I downloaded and read through the Mandiant APT1 report as soon as I could. ...
    Continue Reading
    Active Defenses?
    Active defense, often mistakenly called hacking back, is a common topic thrown around the security ...
    Continue Reading
    Where in the RSA is Kevin?
      So RSA 2013 in San Francisco is coming up and I will be there for two different parts of the ...
    Continue Reading
    Grab a CORS Light
    Many of you already know that any cross-site HTTP requests invoked from scripts running within a ...
    Continue Reading
    Laudanum by Example: Shell
    Previously, I wrote a post providing a brief introduction to Laudanum.  If you haven’t read it, or ...
    Continue Reading
    Introduction to Laudanum
    As a security consultant, there are so many scenarios that I run into every day that there is no ...
    Continue Reading
    Hi, I'm with IT and I'm Here to Steal From You
    Beware of the Unknown IT Grunt I decided to continue on with the same theme as Kevin’s post about ...
    Continue Reading

    Never miss a professionally evil update!