Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    How to iterate through advfirewall rules
        There are several ways to pull firewall information from a Windows system.  Today we will leverage Powershell to quickly find and review the different Remote Desktop rules that are in place. This use case revolves around Remote Desktop being our key search term, but this filter can be adjusted ...
    Learn more

    Never miss a Professionally Evil update!

    Working With Data: IP and Port Filtering
    Working With Data: IP and Port Filtering
      During our day-to-day work, there’s a lot of data that we interact with.  In order to make good ...
    Learn more
    Privilege Escalation via File Descriptors in Privileged Binaries
    Privilege Escalation via File Descriptors in Privileged Binaries
        Today I wanted to cover an application security topic that applies to SetUID binaries.  As we ...
    Learn more
    How to Update the Nmap OUI Database
    How to Update the Nmap OUI Database
    Overview     In a previous blog post, I covered what an OUI is, how to extract them from a MAC ...
    Learn more
    Of MAC Addresses and OUI: A Subtle, but Useful, Recon Resource
    Of MAC Addresses and OUI: A Subtle, but Useful, Recon Resource
        When it comes to reconnaissance, every little bit of information can be helpful.  Today, we ...
    Learn more
    LD_PRELOAD: Making a Backdoor by Hijacking accept()
    LD_PRELOAD: Making a Backdoor by Hijacking accept()
        Today I want to continue the series on using LD_PRELOAD.  In previous posts, we covered how to ...
    Learn more