Professionally Evil Insights

Welcome to the Professionally Evil Insights blog by Secure Ideas! In this digital playground, we unravel the complex world of information security with a touch of fun. Our expert-led content ranges from deep-dives into penetration testing to explorations of hardware hacking. Whether you're curious about Secure Ideas or passionate about cybersecurity, this blog is your quick, enlightening, and entertaining guide into the captivating world of information security.

Welcome aboard!

    Twelve Days of ZAPMAS - Day 6 - Passive Flaw Detection and Using the HUD
    Twelve Days of ZAPMAS - Day 6 - Passive Flaw Detection and Using the HUD
    One of the awesome things about a security-focused interception proxy like ZAP is its ability to ...
    Continue Reading
    Twelve Days of ZAPmas - Day 5 - Scope and Contexts
    Twelve Days of ZAPmas - Day 5 - Scope and Contexts
    Normally I don’t like having my interception proxy hide out-of-scope traffic. Doing so creates a ...
    Continue Reading
    Twelve Days of ZAPmas - Day 4 - Fuzzing for Injection
    Twelve Days of ZAPmas - Day 4 - Fuzzing for Injection
    I briefly introduced fuzzing earlier in the series, citing it as the second primitive upon which ...
    Continue Reading
    Twelve Days of ZAPmas - Day 3 - CYA (Cover Your Auth)
    Twelve Days of ZAPmas - Day 3 - CYA (Cover Your Auth)
    Access control is one of the crucial elements to application security. The vast majority of ...
    Continue Reading
    Twelve Days of ZAPmas - Day 2 - The Edge of Tomorrow
    Twelve Days of ZAPmas - Day 2 - The Edge of Tomorrow
    Day 2 - The Edge of Tomorrow - Replaying and Tampering with Requests Fuzzing and tampering are like ...
    Continue Reading
    Twelve Days of ZAPmas - Day 1 - Setting Up ZAP
    Twelve Days of ZAPmas - Day 1 - Setting Up ZAP
    This holiday season, I’m going to run down some of the ins and outs of working with OWASP Zed ...
    Continue Reading
    Coming Soon - Twelve Days of ZAPmas
    Coming Soon - Twelve Days of ZAPmas
    In December of 2018, I published a twelve-day series of cross-site scripting tips, tricks, and ...
    Continue Reading
    Quick Bites Ep 4 - Let's Talk About SSRF, Baby!
    Quick Bites Ep 4 - Let's Talk About SSRF, Baby!
    Let’s talk about you and (application) secur-i-ty! Let’s talk about all the good things and the bad ...
    Continue Reading
    Why your application needs a Content Security Policy (And How to Build One)
    Why your application needs a Content Security Policy (And How to Build One)
    As a web application owner, it is crucial to understand the concept of a content security policy ...
    Continue Reading
    Quick Bites Episode 2 - HTTP Security Headers and Why You NEED Them
    Quick Bites Episode 2 - HTTP Security Headers and Why You NEED Them
    Hi everybody! So, after some feedback about the last “quick” Quick Bites (thanks Josh!), I’ve ...
    Continue Reading
    Wild West Hackin Fest 2022: The Return
    Wild West Hackin Fest 2022: The Return
    Man, San Diego is beautiful. I don't know exactly why John Strand and Black Hills Information ...
    Continue Reading
    1 2 3

    Never miss a professionally evil update!

    Sign Up For Our Newsletter