Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Application Security 202: Vulnerabilities Accepted
    vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally.   This is the Oxford English Dictionary definition of vulnerability.  But I’m going to modify it a little bit to reflect our topic of application security. ...
    Learn more

    Never miss a Professionally Evil update!

    Privilege Escalation via File Descriptors in Privileged Binaries
    Privilege Escalation via File Descriptors in Privileged Binaries
        Today I wanted to cover an application security topic that applies to SetUID binaries.  As we ...
    Learn more