Syndicated Blog - Security Boulevard

Syndicated Blog

Professionally Evil Insights
by Secure Ideas, LLC
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How To Test Custom Shellcode Using a C Payload Tester

Overview In the last blog post in this series, we created a tool to make it easy to build our custom payloads and extract them.  However, what if we want to test ...

It Was The Best Of Times, It Was The Worst Of Times…A Tale of Two Passwords

Two of the characters in Charles Dickens’ beloved novel, A Tale of Two Cities have such similar features that their identities are swapped.  No one notices.  One escapes and reunites with his ...

Low Hanging Fruit Ninja: Slashing the Risks of the Human Element

A long time ago in a galaxy far, far away, I was not a Security Consultant.  I was a Chef.  And I worked as a corporate Chef for an organization that required ...
How to configure BurpelFish

How to configure BurpelFish

I recently was doing a pentest and was continuously looking up translations for words, and thought “there has to be a better way…”. That is when I landed on BurpelFish, which adds ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How To Make Payload Extraction Easier

Overview In the last blog post of the X86 Linux assembly series, we focused on how to make our Hello World payload friendly for use as a payload in exploits.  However, we ...
A New Consultant’s 1st Con – Wild West Hackin Fest – Way West 2021

A New Consultant’s 1st Con – Wild West Hackin Fest – Way West 2021

Last month, I found myself Googling: Is weed legal in Nevada?  This was the day after arriving in Reno for Wild West Hacking Fest – Way West 2021.  I kept noticing that ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How to Make Our Hello World Usable as an Exploit Payload

Overview In the last two tutorials, we built a Hello World program in NASM and GAS for x86 assembly.  While this can help us learn x86 assembly, it isn’t viable as a ...
Beyond Shell - Webcast

The Best Way to Capture Traffic in 2021

There are times when you need to capture some network traffic.  Maybe you’re troubleshooting a communication issue or maybe you’re doing something a little more suspect on a penetration test (looking for ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How to Build a Hello World Program in GAS

Overview In the last tutorial, we covered how to build a 32-bit x86 Hello World program in NASM.  Today, we will cover how to do the same thing, but this time using ...