Hacking

Professionally Evil Courses: Advanced Mobile PenTesting with MobiSec

Secure Ideas is excited to announce that Kevin Johnson and James Jardine will be teaching Advance Mobile PenTesting with MobiSec at Blackhat 2014.  This course will be offered twice, in two day sessions. In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration testing of …

Professionally Evil Courses: Advanced Mobile PenTesting with MobiSecRead More »

Professionally Evil Courses: Mobile PenTesting with MobiSec

Secure Ideas is excited to announce that Jason Gillam will be teaching Mobile PenTesting with MobiSec at Charlotte ISSA 10th Annual Infosec Summit.  Kevin Johnson, one of the course authors, may be available on the second day. In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration …

Professionally Evil Courses: Mobile PenTesting with MobiSecRead More »

Intercepting DNS

Recently during a penetration test, I discovered a Linksys WRT54G wireless router that had been installed on a customer’s network. Surprisingly, this device was accessible from the Internet with default credentials. Watching the client list, I noticed several clients connecting on & off throughout the day. We all know that this is bad, but how …

Intercepting DNSRead More »

Professionally Evil Training: Tactical Burp Suite Webinar

Tactical Burp Suite Webinar Secure Ideas is excited to announce its latest upcoming online training.  We will be offering a two-hour session exploring Burp Suite and its use in a web application penetration test.  Kevin Johnson and James Jardine will explore the various features of Burp Suite, focused on how we use the system during …

Professionally Evil Training: Tactical Burp Suite WebinarRead More »

Industry Issues: New Vulnerabilities and Marketing Problems

As a consultant, I spend a lot of my time working with organizations and staff to help them improve their security.  I do this via a number of methods including consulting, penetration testing, training, and other services.  But the foundation of what I do is explain the what, why, and how of information security.  And …

Industry Issues: New Vulnerabilities and Marketing ProblemsRead More »

Comparing Authorization Levels with Burp’s Compare Site Map feature

Burp Suite from Portswigger.net is a fantastic web app testing tool that we use regularly at Secure Ideas. Though Burp is very popular in the security industry, there are a lot of features that often get overlooked. One of these features is the “Compare Site Maps” feature. This wizard-based function compares two different site maps of a …

Comparing Authorization Levels with Burp’s Compare Site Map featureRead More »