Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Run as Admin: Executive Order on Cybersecurity
    Run as Admin: Executive Order on Cybersecurity
    On May 12, 2021, President Biden issued an executive order on cybersecurity. This new order ...
    Learn more
    Linux X86 Assembly - How to Build a Hello World Program in GAS
    Linux X86 Assembly - How to Build a Hello World Program in GAS
    Overview In the last tutorial, we covered how to build a 32-bit x86 Hello World program in NASM.  ...
    Learn more
    Linux X86 Assembly - How to Build a Hello World Program in NASM
    Linux X86 Assembly - How to Build a Hello World Program in NASM
    Overview A processor understands bytecode instructions specific to that architecture.  We as humans ...
    Learn more
    AppSec Cheat Code: Shift Left, Shift Right, Up, Down & Start
    AppSec Cheat Code: Shift Left, Shift Right, Up, Down & Start
    Seamless and unobtrusive security is the future. We are huge advocates of shifting left and moving ...
    Learn more
    A Hacker’s Tour of the X86 CPU Architecture
    A Hacker’s Tour of the X86 CPU Architecture
    Overview The Intel x86 CPU architecture is one of the most prolific CPU architectures for desktops, ...
    Learn more
    Three Excellent API Security Practices Most People Neglect
    Three Excellent API Security Practices Most People Neglect
    We are very much in the age of APIs. From widely-used single-purpose products like Slack to ...
    Learn more
    LD_PRELOAD: How to Run Code at Load Time
    LD_PRELOAD: How to Run Code at Load Time
    Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...
    Learn more
    Announcing Burp Co2!
    Announcing Burp Co2!
    This is for those of you who do web pen testing with Portswigger’s Burp proxy tool!  Over the past ...
    Learn more
    Converting NMAP XML Files to HTML with xsltproc
    Converting NMAP XML Files to HTML with xsltproc
    NMAP is a wonderful network scanner and its ability to log scan data to files, specifically XML, ...
    Learn more
    Solving the November 13th Detective Nevil Mystery Challenge
    Solving the November 13th Detective Nevil Mystery Challenge
    Overview Each week on Friday, we post a social media challenge known as “Detective Nevil Mystery ...
    Learn more
    3 Reasons to Pentest with Brave
    3 Reasons to Pentest with Brave
    3 Reasons to Pentest with Brave November 30, 2020 March 19, 2021 / By Ochaun Marshall Penetration ...
    Learn more
    Not-So-Random: Using LD_PRELOAD to Hijack the rand() Function
    Not-So-Random: Using LD_PRELOAD to Hijack the rand() Function
    Today I wanted to continue the series on using LD_PRELOAD.  In today’s post we are going to use ...
    Learn more

    Never miss a professionally evil update!