Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Why your application needs a Content Security Policy (And How to Build One)
    As a web application owner, it is crucial to understand the concept of a content security policy ...
    Quick Bites Episode 2 - HTTP Security Headers and Why You NEED Them
    Hi everybody! So, after some feedback about the last “quick” Quick Bites (thanks Josh!), I’ve ...
    How to Update the Nmap OUI Database
    Overview: In a previous blog post, I covered what an OUI is, how to extract them from a MAC ...
    Of MAC Addresses and OUI: A Subtle, but Useful, Recon Resource
    When it comes to reconnaissance, every little bit of information can be helpful. Today, we ...
    The Other Replicating Directory Changes
    Quick Summary: The Replicating Directory Changes right in Active Directory allows you to request ...
    Quick Bites - Finding Open Windows File Shares
    Hi there, ladies and gentlemen! My name is Aaron Moss, and welcome to the first edition of Quick ...
    LD_PRELOAD: Making a Backdoor by Hijacking accept()
    Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...
