Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    The reason I stopped using Postman for API Pentests
    I’ve been a proponent of Postman for a number of years. I’ve written and spoken about using it in the API pentesting toolchain, proxied through your interception proxy (Burp/Zap/etc). This lets you use Postman as your clean version of the API calls, while tampering and fuzzing is delegated to the ...
    Continue Reading

    Never miss a Professionally Evil update!

    Using PETaaS to Lower Your Cyber Insurance Costs
    information security  |  cybersecurity  |  pentesting  |  cost  |  PETaaS  |  Cyber Insurance  |  Insurance
    Modern networks have more than their fair share of risks, with the most damaging often being data ...
    Continue Reading
    CyberScream - Hacking Like a Ghost(face)
    consulting  |  data breach  |  penetration testing  |  professionally evil  |  hacking  |  analysis  |  cybersecurity  |  pentesting  |  phishing  |  security breach  |  exploits  |  Halloween  |  webcast
    It’s that most hauntingly wonderful time of year again! Halloween is upon us, along with the dread ...
    Continue Reading
    Twelve Days of ZAPmas - Day 2 - The Edge of Tomorrow
    Day 2 - The Edge of Tomorrow - Replaying and Tampering with Requests Fuzzing and tampering are like ...
    Continue Reading
    How to allow multiple RDP sessions
    The goal of this article is to walk through how to set up a Windows host to allow multiple remote ...
    Continue Reading
    Wild West Hackin Fest 2022: The Return
    Man, San Diego is beautiful. I don't know exactly why John Strand and Black Hills Information ...
    Continue Reading
    How to Create Custom Probes For NMAP Service/Version Detection
    network  |  hacking  |  cybersecurity  |  pentesting  |  scanning  |  NMAP  |  version  |  service  |  probe  |  ports  |  match  |  chrome  |  debugging  |  nmap-service-probes  |  softmatch  |  rarity  |  directive  |  remote
    Overview NMAP is a fantastic tool for performing initial reconnaissance and enumeration. A simple ...
    Continue Reading
    Computers are People Too
    There are those rare times during pen tests, when you are on a client’s network and you don’t have ...
    Continue Reading
    Automating Red Team Homelabs: Part 2 – Build, Pentest, Destroy, and Repeat
    pentesting  |  automation  |  API  |  dev ops  |  home lab
    As of 2019-05-14 the Funny Stories section has been updated. Now that we understand what the goal ...
    Continue Reading
    A Container Hacker’s Guide to Living Off of the Land
    Sometimes as a pentester you find yourself in tricky situations. Depending on the type of ...
    Continue Reading