Professionally Evil Blog
A blog by experts of penetration testing and other security assessments.
Twelve Days of ZAPmas - Day 2 - The Edge of Tomorrow
Day 2 - The Edge of Tomorrow - Replaying and Tampering with Requests

Fuzzing and tampering are like the primitives upon which we design tests to evaluate functionality and flaws. Here’s how I’m using these terms: Tampering is taking a request and modifying it manually, and then issuing the modified ...

information security | penetration testing | CISSP | education | compliance | risk assessment | security controls | information security program | GLBA | Safeguards Rule | Dec 9, 2022 | automotive | banking | vulnerability assessment
What are the key requirements of the GLBA Safeguards Rule?
The Gramm-Leach-Bliley Act (GLBA) contains the Safeguards Rule. This requires financial ...

Testing | Vulnerability | Guidance | data breach | information security | penetration testing | application security | professionally evil | Secure Ideas | hacking | best practices | cybersecurity | Privilege Escalation
Application Security 202: Vulnerabilities Accepted
vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...
Training | penetration testing | pentesting | Windows | technology tips and tricks | rdp | sysadmin | system administration
How to allow multiple RDP sessions
The goal of this article is to walk through how to set up a Windows host to allow multiple remote ...

How I Became a Security Consultant: AbsoluteAppsec Interview
Every so often, podcasts and such will invite me to speak on a variety of topics. And this week, I ...