Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    How to Create Custom Probes For NMAP Service/Version Detection
    How to Create Custom Probes For NMAP Service/Version Detection
    Overview NMAP is a fantastic tool for performing initial reconnaissance and enumeration.  A simple ...
    Learn more
    Linux X86 Assembly - How To Test Custom Shellcode Using a C Payload Tester
    Linux X86 Assembly - How To Test Custom Shellcode Using a C Payload Tester
    Overview In the last blog post in this series, we created a tool to make it easy to build our ...
    Learn more
    It Was The Best Of Times, It Was The Worst Of Times...A Tale of Two Passwords
    It Was The Best Of Times, It Was The Worst Of Times...A Tale of Two Passwords
    Two of the characters in Charles Dickens’ beloved novel, A Tale of Two Cities have such similar ...
    Learn more
    Low Hanging Fruit Ninja: Slashing the Risks of the Human Element
    Low Hanging Fruit Ninja: Slashing the Risks of the Human Element
    A long time ago in a galaxy far, far away, I was not a Security Consultant.  I was a Chef.  And I ...
    Learn more
    How to configure BurpelFish
    How to configure BurpelFish
    I recently was doing a pentest and was continuously looking up translations for words, and thought ...
    Learn more
    Linux X86 Assembly - How To Make Payload Extraction Easier
    Linux X86 Assembly - How To Make Payload Extraction Easier
    Overview In the last blog post of the X86 Linux assembly series, we focused on how to make our ...
    Learn more
    A New Consultant’s 1st Con - Wild West Hackin Fest - Way West 2021
    A New Consultant’s 1st Con - Wild West Hackin Fest - Way West 2021
    Last month, I found myself Googling: Is weed legal in Nevada?  This was the day after arriving in ...
    Learn more
    Linux X86 Assembly - How to Make Our Hello World Usable as an Exploit Payload
    Linux X86 Assembly - How to Make Our Hello World Usable as an Exploit Payload
    Overview In the last two tutorials, we built a Hello World program in NASM and GAS for x86 ...
    Learn more
    The Best Way to Capture Traffic in 2021
    The Best Way to Capture Traffic in 2021
    There are times when you need to capture some network traffic.  Maybe you’re troubleshooting a ...
    Learn more
    Run as Admin: Executive Order on Cybersecurity
    Run as Admin: Executive Order on Cybersecurity
    On May 12, 2021, President Biden issued an executive order on cybersecurity. This new order ...
    Learn more

    Never miss a professionally evil update!