Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Twelve Days of ZAPmas - Day 9 - Automated Scanning and ATTACK mode
    Automated scanning against an application is useful. It’s a faster and less labor-intensive way to find certain types of flaws. It’s also terrible at identifying other types of flaws, because it doesn’t understand context and it doesn’t understand your business. In casual conversation, the phrase I ...
    Learn more

    Never miss a Professionally Evil update!

    Twelve Days of ZAPMAS - Day 6 - Passive Flaw Detection and Using the HUD
    Twelve Days of ZAPMAS - Day 6 - Passive Flaw Detection and Using the HUD
    One of the awesome things about a security-focused interception proxy like ZAP is its ability to ...
    Learn more
    Quick Bites - Finding Open Windows File Shares
    Quick Bites - Finding Open Windows File Shares
    Hi there, ladies and gentlemen! My name is Aaron Moss, and welcome to the first edition of Quick ...
    Learn more
    How to Create Custom Probes For NMAP Service/Version Detection
    How to Create Custom Probes For NMAP Service/Version Detection
    Overview NMAP is a fantastic tool for performing initial reconnaissance and enumeration.  A simple ...
    Learn more