Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Steam Deck Privacy and Security
    Like any portable computing device, there are going to be questions about privacy and security.  The Steam Deck is no exception.  The Steam Deck has been quite popular lately, and is an interesting change up for Valve, the device’s manufacturer.  The fact that the Steam Deck runs Linux has pushed ...
    Learn more

    Never miss a Professionally Evil update!

    Quick Bites Episode 2 - HTTP Security Headers and Why You NEED Them
    Quick Bites Episode 2 - HTTP Security Headers and Why You NEED Them
    Hi everybody!  So, after some feedback about the last “quick” Quick Bites  (thanks Josh!), I’ve ...
    Learn more
    Digging Between the Couch Cushions - CouchDB CVE-2021-38295 Breakdown
    Digging Between the Couch Cushions - CouchDB CVE-2021-38295 Breakdown
    Introduction In this blog post we’re going to take a look at the recent CouchDB vulnerability, ...
    Learn more
    ViewState XSS: What's the Deal?
      As penetration testers, there are many different technologies that we have to be familiar with.  ...
    Learn more
    Testing ASP.Net WebForms: Request Method Validation
      As a professional penetration tester, there are many features of an application that are similar ...
    Learn more
    SamuraiWTF 2.0? What happened to 1.0?
    So the SamuraiWTF project have released the first few release candidates for the formal 2.0 ...
    Learn more
    How to Setup RatProxy on Windows
      In an effort to help developers and other windows users get started adding security testing into ...
    Learn more