Client Portal
Contact Us

Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Testing, open source, web penetration testing, OWASP, mobile application, web application security, API
    ZAPmas Feedback
    Sometimes Christmas comes early, and in this case for me it was the publication of the Twelve Days of ZAPmas blog posts by Mic Whitehorn-Gillam. If you have not read them yet then please do - they are a great introduction to ZAP and provide what I think is a very fair and balanced comparison to ...
    Learn more

    Never miss a Professionally Evil update!

    Sign Up For Our Newsletter
    12 Days of ZAPmas - Day 12 Testing a new Content-Security-Policy
    12 Days of ZAPmas - Day 12 Testing a new Content-Security-Policy
    What is the CSP? The Content-Security-Policy (CSP) is a widely recommended control and is ...
    Learn more
    Application Security 202: Vulnerabilities Accepted
    Application Security 202: Vulnerabilities Accepted
    vul·ner·a·bil·i·ty The quality or state of being exposed to the possibility of being attacked or ...
    Learn more
    ViewState XSS: What's the Deal?
      As penetration testers, there are many different technologies that we have to be familiar with.  ...
    Learn more
    Testing ASP.Net WebForms: Request Method Validation
      As a professional penetration tester, there are many features of an application that are similar ...
    Learn more