Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Featured Image
    Paths to Power in Active Directory Part 4: ESC3 – In The Name of The Crown
    penetration testing |  Active Directory |  Privilege Escalation
    In Part 2, ESC1 – No One, Yet Everyone, we examined a misconfiguration that allows a low-privileged user to request a certificate that represents a different account. That path focused on identity control and how subject manipulation can lead to privilege escalation. In Part 3, ESC2 – The Seal of ...
    Continue Reading

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    Paths to Power in Active Directory Part 2: ESC1 – No One, Yet Anyone
    Paths to Power in Active Directory Part 2: ESC1 – No One, Yet Anyone
    This is the second post in this series. Part I can be found here.
    Continue Reading
    Application Security 202: Vulnerabilities Accepted
    Application Security 202: Vulnerabilities Accepted
    vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...
    Continue Reading
    Privilege Escalation via File Descriptors in Privileged Binaries
    Privilege Escalation via File Descriptors in Privileged Binaries
    Today I wanted to cover an application security topic that applies to SetUID binaries. As we all ...
    Continue Reading
    Has contents: true Total pages: 1 Current page: 1