Month: July 2013

Kismet Log Viewer v2 Tool Released

Secure Ideas actively supports open source and giving back to the community. In that light, we’re announcing the release of an updated tool for parsing and viewing Kismet log files. Kismet is a fantastic tool for wireless network assessments. It passively detects networks, SSIDs, and with enough time can even decloak hidden networks by capturing …

Kismet Log Viewer v2 Tool ReleasedRead More »

Professionally Evil Toolkit – BozoCrack

This week I’ve been teaching a class on web app security for developers and I remembered a fun little script that I thought I’d share here.  That script is BozoCrack, written by Juuso Salonen.  I’d give my description of what this tool does, but I’ll use Juuso’s words from his GitHub page instead.  It’s pretty classic. …

Professionally Evil Toolkit – BozoCrackRead More »

Professionally Evil Perspective podcast: Mobile Security Testing – Tips and Tools

I have to say that I really enjoy doing the Professionally Evil Perspective (PEP) podcast with Kevin.  It started as a crazy idea that I had a few months ago, and it is just as fun as I had hoped it would be.  In this episode, we are joined by Nathan Sweaney, a Senior Security …

Professionally Evil Perspective podcast: Mobile Security Testing – Tips and ToolsRead More »

Professionally Evil Toolkit – Reconnoiter

In this series of the Professionally Evil Toolkit we will be talking about Reconnoiter. Reconnoiter was created by Secure Ideas very own Jason Wood. Reconnoiter is a set of scripts written in python to help aid in the reconnaissance phase of a penetration test.  The tool has two main functions, username generation and LinkedIn profile harvesting. The …

Professionally Evil Toolkit – ReconnoiterRead More »

Who We Are: Thom Dosedel

Who am I: Thom Dosedel, Senior Security Consultant at Secure Ideas.  What do I do at Secure Ideas: Like my fellow consultants, I participate in both internal and external penetration tests performing structured attacks on network, web, wireless, or mobile environments.  We also perform architecture reviews, provide defense based analysis and recommendations. What is my …

Who We Are: Thom DosedelRead More »

Why Do Phishing As Part of Security Testing

I was recently watching a web cast on incident response and found myself thinking about the cause of the example incident.  It was yet another instance where phishing emails were sent, desktops were owned and data left the victim’s network.  I’m not sure how many presentations, web casts and papers that I’ve listened/read that point …

Why Do Phishing As Part of Security TestingRead More »

Scroll to Top