Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Featured Image
    Paths to Power in Active Directory Part 2: ESC1 – No One, Yet Anyone
    penetration testing |  Active Directory |  Privilege Escalation |  ESC1
    This is the second post in this series. Part I can be found here. Planning The Take Over: Identifying the Cracks in the Wall In GOAD (Game of Active Directory), as with real-life engagements, ESC1 is often the first crack in the wall worth checking once AD CS comes into play. It’s not the beginning ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    Extract Secrets from Multiple Configuration Files Using Vim
    Extract Secrets from Multiple Configuration Files Using Vim
    penetration testing  |  command line  |  red team  |  VIM
    You're SSH'd into a compromised Linux server during a penetration test. You've found the ...
    Continue Reading
    Paths to Power in Active Directory Part 1: How AD CS Misconfigurations Become the Keys to the Kingdom
    Paths to Power in Active Directory Part 1: How AD CS Misconfigurations Become the Keys to the Kingdom
    An Introduction to Active Directory Certificate Services (AD CS) I am still pretty new to ...
    Continue Reading
    No Broadcast Traffic? No Problem! - NetExec SMB Slinky Module
    No Broadcast Traffic? No Problem! - NetExec SMB Slinky Module
    As pentesters, tools such as Responder and Ntlmrelayx are great tools for capturing hashes or ...
    Continue Reading
    Annual Pentests Aren't Cutting It Anymore: Why Continuous Testing Beats Scrambling at Renewal Time
    Annual Pentests Aren't Cutting It Anymore: Why Continuous Testing Beats Scrambling at Renewal Time
    Let's be honest about something: if you're still relying on that once-a-year penetration test to ...
    Continue Reading
    The Real AI Revolution in Penetration Testing
    The Real AI Revolution in Penetration Testing
    Custom Tooling at Lightning Speed Most cybersecurity professionals hear "AI in penetration testing" ...
    Continue Reading
    Quick Bites 13 – Network Pentest Restrictions Can Hurt Your Business
    Quick Bites 13 – Network Pentest Restrictions Can Hurt Your Business
    Too Many Network Pentest Restrictions Can Hurt Your Business
    Continue Reading
    Risk-Driven Approach: The Federal Government’s Shift in Cybersecurity Burden
    Risk-Driven Approach: The Federal Government’s Shift in Cybersecurity Burden
    From All-Hazards to Risk-Informed The New Risk-Informed Paradigm One of the most significant shifts ...
    Continue Reading
    Understanding Garbage Findings
    Understanding Garbage Findings
    There is a well-meaning desire among penetration testers to produce findings. The fact of the ...
    Continue Reading
    Houston, We Have a Problem
    Houston, We Have a Problem
    Satellite Security Testing: A Holistic Approach Last month, I had the opportunity to present at ...
    Continue Reading
    When Algorithms Aren’t Enough: Why the Human Element Still Matters in Modern Penetration Testing
    When Algorithms Aren’t Enough: Why the Human Element Still Matters in Modern Penetration Testing
    The cybersecurity industry has evolved into two distinct approaches when it comes to penetration ...
    Continue Reading
    Solicited Public Comment on HIPAA Security Rule NPRM To Strengthen the Cybersecurity of ePHI
    Solicited Public Comment on HIPAA Security Rule NPRM To Strengthen the Cybersecurity of ePHI
    The Department of Health and Human Services (HHS) wants to raise the benchmarks of the Security ...
    Continue Reading
    Has contents: true Total pages: 3 Current page: 1
    1 2 3