Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Creating an Encrypted File Container with LUKS
    In our previous blog post, we covered how to create an encrypted flash drive using LUKS (Linux Unified Key Setup) to provide data at rest security. However, it is possible to create an encrypted partition and file system on a file container that can be mounted thanks to the loop device system in ...
    Continue Reading

    Never miss a Professionally Evil update!

    Paths to Power in Active Directory Part 6: ESC8 - The Coerced Crown
    In Part 5, ESC6 - Under a False Sigil, the focus shifted to identity interpretation. The attack ...
    Continue Reading
    No Hash? No Problem! - ASERepCatcher
    Intro: Credentials Are Currency In penetration testing, credentials are like currency. It doesn't ...
    Continue Reading
    What Is a SIAM and Why Is One Showing Up at Your Office?
    If you've scheduled an internal penetration test with Secure Ideas, we've likely asked you to ...
    Continue Reading
    Paths to Power in Active Directory Part 5: ESC6 - Under a False Sigil
    In Part 3, ESC2: The Seal of Any Purpose, we shifted from identity to capability. Instead of ...
    Continue Reading
    Beyond the Browser: The Questions That Expanded the Attack Surface
    After presenting this research at security conferences this year, I was expecting the usual ...
    Continue Reading
    The AI Arms Race Just Went Public: What Project Glasswing Means for You
    penetration testing  |  AI  |  Mythios  |  Anthropic AI  |  Project Glasswing
    Anthropic's announcement this week isn't just a product launch. It's a public acknowledgment that ...
    Continue Reading
    The Secret Handshake – Covertly Redirecting Mobile Traffic to a Different Backend
    Normally while performing iOS or Android mobile application penetration tests, we request a custom ...
    Continue Reading
    Paths to Power in Active Directory Part 4: ESC3 – In The Name of The Crown
    In Part 2, ESC1: No One, Yet Everyone, we examined a misconfiguration that allows a low-privileged ...
    Continue Reading
    Paths to Power in Active Directory Part 3: ESC2 – The Seal of Any Purpose
    " Power in Active Directory, much like power in Westeros, often changes hands not through force, ...
    Continue Reading
    Supply Chain Security: Trust Is the New Attack Surface
    In February 2026, while participating in a panel at IT Expo, one statement kept resonating ...
    Continue Reading
    Has contents: true Total pages: 4 Current page: 1