Professionally Evil Insights
Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.
Welcome aboard!
Top 5 Security Considerations for a New Web App: 4. Logging & Monitoring
Welcome to our comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
Continue Reading
Top 5 Security Considerations for a New Web App: 3. Data Encryption & Protection
Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
Continue Reading
Top 5 Security Considerations for a New Web App: 2. Authentication & Authorization
Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
Continue Reading
Top 5 Security Considerations for a New Web App: 1. Secure Coding
Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. For this ...
Continue Reading
Top 5 Security Considerations for a New Web App
There was a time when many folks responsible for building and deploying web applications were naive ...
Continue Reading
Understanding Server-Side Template Injection (SSTI)
Testing |
Training |
QA |
web penetration testing |
penetration testing |
application security |
OWASP |
web application security |
methodology |
OWASP Top 10
Web applications play a vital role in delivering dynamic content to users. To achieve this, ...
Continue Reading
Introducing BILE - Groundbreaking Classification for Web App
Training |
penetration testing |
OWASP |
web application security |
BILE |
OWASP Top 10 |
BILE Classification Scheme |
vulnerability classification
As a seasoned web application penetration tester, I've always felt that there should be a more ...
Continue Reading
ZAPmas Feedback
Testing |
open source |
web penetration testing |
OWASP |
mobile application |
web application security |
API
Sometimes Christmas comes early, and in this case for me it was the publication of the Twelve Days ...
Continue Reading
12 Days of ZAPmas - Day 12 Testing a new Content-Security-Policy
What is the CSP? The Content-Security-Policy (CSP) is a widely recommended control and is ...
Continue Reading
Twelve Days of ZAPmas - Day 11 - ZAP impressions from a Burp user
It probably seems a bit odd to do this on Day 11 and not at the end of the series, but I have one ...
Continue Reading
Twelve Days of ZAPmas - Day 10 - Manual Web App Testing Unproxied
Most of the time, proxying the browser doesn’t present any sort of trouble. You should be able to ...
Continue Reading