Over the last eight years, one of the main focuses of Secure Ideas has been education. One responsibility we take very seriously is that of growing the skills within our clients and the public, with the objective of raising the bar in security. This mindset and core passion of Secure Ideas is because we all …
Spring Break without Breaking the Bank: Hands On Training Read More »
UPDATE: Updated the done steps. below. Also changed the links from S3 to Git. Since our founding in 2010 Secure Ideas has always tried to focus on education and increasing the amount of available knowledge in our field. As such we have contributed to courses, presented at conferences around the world and contributed to open …
Professionally Evil Web App Pen Testing 101 Course Read More »
This one is for you web penetration testers! This new Burp extension is designed to help with efficiency when you are testing a complex application full of parameters or a series of applications and just do not have enough time to thoroughly analyze each one. It analyzes all the parameters in your in-scope traffic and …
Here’s a quick tip I use to save some time when spinning up Burp Suite on a Mac. I use Burp Suite frequently enough that having an icon on my task bar is warranted. I also like to start Burp Suite with more memory allocated to the JVM than the default. To accomplish all of …
Burp BS… where the “BS” stands for BeanShell. “What on earth is BeanShell?” you may ask? BeanShell is a very old Java library that was designed to build scripts in Java (full details on www.beanshell.org). It never really caught on for general use because the Java language is designed from the ground up to be …
Every pen tester looks forward to that next encounter that includes one of those uncommon vulnerabilities that ultimately result in an exciting session of exploration and learning. During a recent web penetration test I ran across one of these rare gems when I started seeing some odd behavior on a forgot password form. In this …
Adventures in LDAP Injection: Exploiting and Fixing Read More »
Start 2015 right with a free web session to learn all about the Burp CO2 plugin! This training is scheduled for Thursday, January 8th, 2015 at 2pm EST. Portswigger’s Burp Suite is a very popular and flexible intercepting proxy tool among web application penetration testers. During this training session I will provide an overview of …
Ever thought about being able to test the security of your web applications? Wanted to know how the Professionally Evil hack web services and applications? Interested in upgrading your skills around attacking modern web applications? Well now you have your chance! Secure Ideas is excited to announce the latest in our course offerings. We will be …
Professionally Evil Web Penetration Testing Class Read More »
Secure Ideas is excited to announce its latest upcoming online training. We will be offering a two-hour session exploring advanced topics related to Burp Suite and its use in a web application penetration test. Kevin Johnson and James Jardine will explore the various features of Burp Suite, focusing on how we use the system during our penetration …
Professionally Evil Training: Advanced Tactical Burp Webinar Read More »
Tactical Burp Suite Webinar Secure Ideas is excited to announce its latest upcoming online training. We will be offering a two-hour session exploring Burp Suite and its use in a web application penetration test. Kevin Johnson and James Jardine will explore the various features of Burp Suite, focused on how we use the system during …
Professionally Evil Training: Tactical Burp Suite Webinar Read More »