Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Twelve Days of ZAPmas - Day 2 - The Edge of Tomorrow
Day 2 - The Edge of Tomorrow - Replaying and Tampering with Requests Fuzzing and tampering are like the primitives upon which we design tests to evaluate functionality and flaws. Here’s how I’m using these terms: Tampering is taking a request and modifying it manually, and then issuing the modified ...Learn more
information security | penetration testing | CISSP | education | compliance | risk assessment | security controls | information security program | GLBA | Safeguards Rule | Dec 9, 2022 | automotive | banking | vulnerability assessment
What are the key requirements of the GLBA Safeguards Rule?
The Gramm-Leach-Bliley Act (GLBA) contains the Safeguards Rule. This requires financial ...Learn more
Testing | Vulnerability | Guidance | data breach | information security | penetration testing | application security | professionally evil | Secure Ideas | hacking | best practices | cybersecurity | Privilege Escalation
Application Security 202: Vulnerabilities Accepted
vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...Learn more
Training | penetration testing | pentesting | Windows | technology tips and tricks | rdp | sysadmin | system administration
How to allow multiple RDP sessions
The goal of this article is to walk through how to set up a Windows host to allow multiple remote ...Learn more
How I Became a Security Consultant: AbsoluteAppsec Interview
Every so often, podcasts and such will invite me to speak on a variety of topics. And this week, I ...Learn more