Professionally Evil

Solving the November 13th Detective Nevil Mystery Challenge

Solving the November 13th Detective Nevil Mystery Challenge

Overview Each week on Friday, we post a social media challenge known as “Detective Nevil Mystery Challenge”.  On November 13th of 2020, we released a challenge that contained a payload and it was only solved by one person on twitter.  That challenge is as follows: I decided it might be a good idea to do …

Solving the November 13th Detective Nevil Mystery Challenge Read More »

LD_PRELOAD: Not-So-Random

Not-So-Random: Using LD_PRELOAD to Hijack the rand() Function

    Today I wanted to continue the series on using LD_PRELOAD.  In today’s post we are going to use LD_PRELOAD to hijack the rand() function in a simple random number guessing game to control the generation of random numbers and effectively be able to cheat in this simple game by making it extremely predictable.  The code …

Not-So-Random: Using LD_PRELOAD to Hijack the rand() Function Read More »

LD_PRELOAD – Introduction

    Today I wanted to start what I plan to be a small series of blog posts about LD_PRELOAD. LD_PRELOAD is related to Linux based systems and revolves around the loader system and how shared object libraries resolve linker symbols when loading a dynamically linked ELF binary and is loaded before any other shared object libraries. …

LD_PRELOAD – Introduction Read More »

Encryption

Encryption – CISSP Domain 3

We’re circling back to some more CISSP-related materials.  Today’s topic will be encryption, which can be found in CISSP Domain 3. By its very nature, encryption is meant to hide the meaning or intent of a communication from unintended recipients.  This process takes place when a message is converted from plain text (text that is …

Encryption – CISSP Domain 3 Read More »

Encoding

Encoding – CISSP Domain 3

Today we’re going to take a quick look at encoding, as covered in Domain 3 of the CISSP common body of knowledge (CBK). There is often some confusion between encoding and encryption, so one of the purposes of this article is to look at how the CBK defines encoding. Encoding is the action of changing …

Encoding – CISSP Domain 3 Read More »

Einstein Told Us: Why User Awareness is NOT the right focus

“The definition of insanity is doing the same thing over and over again and expecting different results.” – Einstein (Well, not really!) Every day we hear another reason why user awareness (or better-named security awareness) is critical. We hear an announcement of another breach or social engineering attack. And then we get asked why security …

Einstein Told Us: Why User Awareness is NOT the right focus Read More »

Building Blocks: Professionally Evil Fundamentals Series

We at Secure Ideas love security education. What we enjoy even more is affordable security education. So we decided to start a Professionally Evil Fundamentals Video series. These are short definition videos related to information security and penetration testing. We believe that these videos are for anyone who wants to move into information security or …

Building Blocks: Professionally Evil Fundamentals Series Read More »

Scroll to Top