Professionally Evil Insights

Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.

web penetration testing, application security, web application security, how-to

Twelve Days of ZAPmas - Day 4 - Fuzzing for Injection

I briefly introduced fuzzing earlier in the series, citing it as the second primitive upon which application testing techniques are built. OWASP has a more in-depth definition available here. We also have a video on fuzzing with Burp Suite here. Fuzzing in ZAP Much like tampering, you can start by ...

Learn more

Never miss a Professionally Evil update!

application security | OWASP | web application security | how-to

Twelve Days of ZAPmas - Day 3 - CYA (Cover Your Auth)

Access control is one of the crucial elements to application security. The vast majority of ...

Learn more

Twelve Days of ZAPmas - Day 2 - The Edge of Tomorrow

Day 2 - The Edge of Tomorrow - Replaying and Tampering with Requests Fuzzing and tampering are like ...

Learn more

web penetration testing | application security | OWASP | web application security | how-to

Twelve Days of ZAPmas - Day 1 - Setting Up ZAP

This holiday season, I’m going to run down some of the ins and outs of working with OWASP Zed ...

Learn more

Quick Bites - Finding Open Windows File Shares

Hi there, ladies and gentlemen! My name is Aaron Moss, and welcome to the first edition of Quick ...

Learn more

PowerShell Tips: How do I Mount a VHD or Lock a BitLocker Drive?

PowerShell Tips How do I Mount a VHD or Lock a BitLocker Encrypted Drive?

Learn more