Professionally Evil Insights
Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.
Welcome aboard!
How to Obfuscate Strings in Rust the Easy Way Using the litcrypt Crate
Overview Static strings in a binary can make the life easier for reverse engineers, be those ...
Continue Reading
Application Security 202: Vulnerabilities Accepted
Testing |
Vulnerability |
Guidance |
data breach |
information security |
penetration testing |
application security |
professionally evil |
Secure Ideas |
hacking |
best practices |
cybersecurity |
Privilege Escalation
vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...
Continue Reading
(Not So) Quick Bites - Episode 3 - Writing About Writer's Block
Deliverables |
consulting |
application security |
Secure Ideas |
cybersecurity |
methodology |
Project |
Writing |
Quick Bites
So, sometimes I have a real problem with writing, specifically reports and blog posts. Somehow, ...
Continue Reading
Hunting Secrets
Applications are hemorrhaging sensitive data. In many cases, the culprit is marketing and analytics ...
Continue Reading
Quick Bites Episode 2 - HTTP Security Headers and Why You NEED Them
Hi everybody! So, after some feedback about the last “quick” Quick Bites (thanks Josh!), I’ve ...
Continue Reading
Privilege Escalation via File Descriptors in Privileged Binaries
application security |
professionally evil |
Secure Ideas |
Linux |
programming |
File Descriptors |
SetUID |
Privilege Escalation
Today I wanted to cover an application security topic that applies to SetUID binaries. As we all ...
Continue Reading
LD_PRELOAD: Making a Backdoor by Hijacking accept()
application security |
professionally evil |
Secure Ideas |
LD_PRELOAD |
accept |
dup2 |
make |
Linux |
programming |
Shared Objects |
dlsym |
shell |
backdoor |
rootkit |
userland |
ELF |
inject |
injection
Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...
Continue Reading
Wild West Hackin Fest 2022: The Return
Training |
security |
samuraiWTF |
web penetration testing |
information security |
security awareness |
application security |
professionally evil |
Secure Ideas |
hacking |
cybersecurity |
pentesting |
web application security |
technology |
security conference
Man, San Diego is beautiful. I don't know exactly why John Strand and Black Hills Information ...
Continue Reading
Digging Between the Couch Cushions - CouchDB CVE-2021-38295 Breakdown
Vulnerability |
developers |
security |
open source |
information security |
application security |
hacking
Introduction In this blog post we’re going to take a look at the recent CouchDB vulnerability, ...
Continue Reading