Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Being Safe and Secure with Cross-Origin Messaging
    Complex web and mobile apps often depend on cross-domain interactions between different online services, but the web browser’s security model restricts them by default via the Same-Origin Policy. A variety of approaches have been used to address this need. JSONP solved this by using script tags to ...

    QB 10 – Half Shells and Full Shells
    hacking  |  pentesting  |  shell  |  Quick Bites  |  reverse shells  |  terminal  |  python  |  python3  |  netcat  |  command line  |  nc
    I wanted to share a really cool technique that I found out about recently. Now I will say this is ...
    Intro to NMAP
    My journey into cybersecurity has been anything but easy. This field offers a wide range of ...
    What does PCI require for Developer Training?
    Training  |  PCI  |  developers  |  application security  |  appsec
    The Payment Card Industry Security Standards Council (PCI SSC) defines compliance standards for all ...
    Mitigating Exploitation Risks in Active Directory Certificate Services
    A recent pentest of an Active Directory environment turned into a struggle to uncover an avenue for ...
    Everything You Need To Know About The NIST Cybersecurity Framework 2.0
    best practices  |  cybersecurity  |  government  |  CSF  |  cybersecurity standards  |  framework  |  NIST  |  profiles  |  tiers
    This week NIST released the highly anticipated update to the Cybersecurity Framework (CSF). Here’s ...
    Quick Bites 9 – Adventuring into the Unknown: The Hacker Subculture
    One of the really cool things about being a hacker is that we get to discover new things. It’s kind ...
    The reason I stopped using Postman for API Pentests
    I’ve been a proponent of Postman for a number of years. I’ve written and spoken about using it in ...
    Exploring Sentry Safe Exploit on the Flipper Zero with Logic Analyzer
    hacking  |  hardware  |  flipper zero  |  sentry  |  safe  |  logic analyzer
    Overview: I recently had a friend that wanted to learn how to use a logic analyzer. Given the number ...