Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    No Broadcast Traffic? No Problem! - NetExec SMB Slinky Module
    For pentesters, tools such as Responder and Ntlmrelayx are great for capturing hashes or exploiting NTLM relay vulnerabilities. However, sometimes you may find yourself on a subnet with no broadcast traffic for those tools to leverage. If there are ...

    Annual Pentests Aren't Cutting It Anymore: Why Continuous Testing Beats Scrambling at Renewal Time
    Let's be honest about something: if you're still relying on that once-a-year penetration test to ...
    The Real AI Revolution in Penetration Testing
    Custom Tooling at Lightning Speed Most cybersecurity professionals hear "AI in penetration testing" ...
    Risk-Driven Approach: The Federal Government’s Shift in Cybersecurity Burden
    From All-Hazards to Risk-Informed The New Risk-Informed Paradigm One of the most significant shifts ...
    Understanding Garbage Findings
    There is a well-meaning desire among penetration testers to produce findings. The fact of the ...
    Houston, We Have a Problem
    Satellite Security Testing: A Holistic Approach Last month, I had the opportunity to present at ...
    When Algorithms Aren’t Enough: Why the Human Element Still Matters in Modern Penetration Testing
    The cybersecurity industry has evolved into two distinct approaches when it comes to penetration ...
    Solicited Public Comment on HIPAA Security Rule NPRM To Strengthen the Cybersecurity of ePHI
    The Department of Health and Human Services (HHS) wants to raise the benchmarks of the Security ...
    The CISO's Myopia
    Fifteen years ago, I wrote an article entitled "The CSO’s Myopia." At the time, I aimed to ...
    The reason I stopped using Postman for API Pentests
    I’ve been a proponent of Postman for a number of years. I’ve written and spoken about using it in ...