Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Privilege Escalation via File Descriptors in Privileged Binaries
    Today I wanted to cover an application security topic that applies to SetUID binaries. As we all know, making a mistake in a SetUID binary will lead to privilege escalation. Today’s topic is about SetUID binaries that drop privileges, but leave a file they opened, well, opened. This creates an ...
    Continue Reading

    Never miss a Professionally Evil update!

    How to Update the Nmap OUI Database
    network  |  professionally evil  |  Secure Ideas  |  NMAP  |  Linux  |  IEEE  |  OUI  |  nmap-mac-prefixes
    Overview In a previous blog post, I covered what an OUI is, how to extract them from a MAC address, ...
    Continue Reading
    LD_PRELOAD: Making a Backdoor by Hijacking accept()
    application security  |  professionally evil  |  Secure Ideas  |  LD_PRELOAD  |  accept  |  dup2  |  make  |  Linux  |  programming  |  Shared Objects  |  dlsym  |  shell  |  backdoor  |  rootkit  |  userland  |  ELF  |  inject  |  injection
    Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...
    Continue Reading