Secure Ideas - Tagged - Security Boulevard
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How To Test Custom Shellcode Using a C Payload Tester

Overview In the last blog post in this series, we created a tool to make it easy to build our custom payloads and extract them.  However, what if we want to test ...

It Was The Best Of Times, It Was The Worst Of Times…A Tale of Two Passwords

Two of the characters in Charles Dickens’ beloved novel, A Tale of Two Cities have such similar features that their identities are swapped.  No one notices.  One escapes and reunites with his ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How To Make Payload Extraction Easier

Overview In the last blog post of the X86 Linux assembly series, we focused on how to make our Hello World payload friendly for use as a payload in exploits.  However, we ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How to Make Our Hello World Usable as an Exploit Payload

Overview In the last two tutorials, we built a Hello World program in NASM and GAS for x86 assembly.  While this can help us learn x86 assembly, it isn’t viable as a ...
Professionally Evil Fundamentals: Introduction

Linux X86 Assembly – How to Build a Hello World Program in NASM

Overview A processor understands bytecode instructions specific to that architecture.  We as humans use mnemonics to make building these instructions easier than remembering a bunch of binary codes.  These mnemonics are known ...
Professionally Evil Fundamentals: Introduction

A Hacker’s Tour of the X86 CPU Architecture

Overview The Intel x86 CPU architecture is one of the most prolific CPU architectures for desktops, laptops, and servers.  While other architectures exist and are even taking some market share with mobile ...
Professionally Evil Fundamentals: Introduction

LD_PRELOAD: How to Run Code at Load Time

    Today I want to continue the series on using LD_PRELOAD.  In previous posts, we covered how to inject a shared object binary into a process, and use that to hijack a library ...
Professionally Evil Fundamentals: Introduction

LD_PRELOAD: How to Run Code at Load Time

    Today I want to continue the series on using LD_PRELOAD.  In previous posts, we covered how to inject a shared object binary into a process, and use that to hijack a library ...
Android Virtual Device for a Mobile PenTest

How to configure Android (Virtual) for Mobile PenTest

This post is about setting up an Android Virtual Machine (AVD) for a mobile application penetration test ...
Professionally Evil Fundamentals - Encryption

Encryption – CISSP Domain 3

We’re circling back to some more CISSP-related materials. Today’s topic will be encryption, which can be found in CISSP Domain 3. By its very nature, encryption is meant to hide the meaning ...