Professionally Evil

Solving the November 13th Detective Nevil Mystery Challenge

Solving the November 13th Detective Nevil Mystery Challenge

Overview Each week on Friday, we post a social media challenge known as “Detective Nevil Mystery Challenge”.  On November 13th of 2020, we released a challenge that contained a payload and it was only solved by one person on twitter.  That challenge is as follows: I decided it might be a good idea to do …

Solving the November 13th Detective Nevil Mystery Challenge Read More »

LD_PRELOAD: Not-So-Random

Not-So-Random: Using LD_PRELOAD to Hijack the rand() Function

    Today I wanted to continue the series on using LD_PRELOAD.  In today’s post we are going to use LD_PRELOAD to hijack the rand() function in a simple random number guessing game to control the generation of random numbers and effectively be able to cheat in this simple game by making it extremely predictable.  The code …

Not-So-Random: Using LD_PRELOAD to Hijack the rand() Function Read More »

Einstein Told Us: Why User Awareness is NOT the right focus

“The definition of insanity is doing the same thing over and over again and expecting different results.” – Einstein (Well, not really!) Every day we hear another reason why user awareness (or better-named security awareness) is critical. We hear an announcement of another breach or social engineering attack. And then we get asked why security …

Einstein Told Us: Why User Awareness is NOT the right focus Read More »

Building Blocks: Professionally Evil Fundamentals Series

We at Secure Ideas love security education. What we enjoy even more is affordable security education. So we decided to start a Professionally Evil Fundamentals Video series. These are short definition videos related to information security and penetration testing. We believe that these videos are for anyone who wants to move into information security or …

Building Blocks: Professionally Evil Fundamentals Series Read More »

Professionally Evil CISSP Certification: Breaking the Bootcamp Model

ISC2 describes the CISSP as a way to prove “you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program”.  It is one of the primary certifications used as a stepping stone in your cybersecurity career.   Traditionally, students have two different options to gain this certification; self-study or a bootcamp.  Both …

Professionally Evil CISSP Certification: Breaking the Bootcamp Model Read More »

Scroll to Top