Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Top 5 Security Considerations for a New Web App: 4. Logging & Monitoring
    Welcome to our comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 3. Data Encryption & Protection
    Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 2. Authentication & Authorization
    Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. This ...
    Continue Reading
    Top 5 Security Considerations for a New Web App: 1. Secure Coding
    Welcome to my comprehensive series on the Top 5 Security Considerations for a New Web App. For this ...
    Continue Reading
    Top 5 Security Considerations for a New Web App
    There was a time when many folks responsible for building and deploying web applications were naive ...
    Continue Reading
    Understanding Server-Side Template Injection (SSTI)
    Web applications play a vital role in delivering dynamic content to users. To achieve this, ...
    Continue Reading
    Introducing BILE - Groundbreaking Classification for Web App
    As a seasoned web application penetration tester, I've always felt that there should be a more ...
    Continue Reading
    ZAPmas Feedback
    Sometimes Christmas comes early, and in this case for me it was the publication of the Twelve Days ...
    Continue Reading
    12 Days of ZAPmas - Day 12 Testing a new Content-Security-Policy
    What is the CSP? The Content-Security-Policy (CSP) is a widely recommended control and is ...
    Continue Reading
    Twelve Days of ZAPmas - Day 11 - ZAP impressions from a Burp user
    It probably seems a bit odd to do this on Day 11 and not at the end of the series, but I have one ...
    Continue Reading
    Twelve Days of ZAPmas - Day 10 - Manual Web App Testing Unproxied
    Most of the time, proxying the browser doesn’t present any sort of trouble. You should be able to ...
    Continue Reading