Training

Professionally Evil Web App Pen Testing 101 Course

UPDATE: Updated the done steps. below.  Also changed the links from S3 to Git. Since our founding in 2010 Secure Ideas has always tried to focus on education and increasing the amount of available knowledge in our field.   As such we have contributed to courses, presented at conferences around the world and contributed to open …

Professionally Evil Web App Pen Testing 101 CourseRead More »

Announcing Tactical Sec Ops: Cloud Edition Online

2016 is shaping up to be an interesting and exciting time at Secure Ideas. We have always done training in one form or another. Many of you may have first heard of Secure Ideas through the training that we have done for organizations such as SANS, DerbyCon, Blackhat, OWASP, MISTI, Princeton University, Columbia University, and …

Announcing Tactical Sec Ops: Cloud Edition OnlineRead More »

CORS Global Policy

I recently noticed an uptake on Cross-Origin Resource Sharing (CORS) findings showing up in automated scanning tools, which would not have been a significant concern except for the fact that the tools were rating this as a relatively “high” severity and very few people I asked about it seemed to have any idea what it …

CORS Global PolicyRead More »

Comprehensive Testing: Red and Blue Make Purple Video

James Jardine and I held the Comprehensive Testing (Purple Teaming) webcast yesterday.  In this webcast we discussed how red teaming works, what it means to be a blue team member and how combining the testing of these roles improves the security of an organization.  We talked through various misconceptions and told a lot of stories. …

Comprehensive Testing: Red and Blue Make Purple VideoRead More »

Professionally Evil Web Penetration Testing Class

Ever thought about being able to test the security of your web applications? Wanted to know how the Professionally Evil hack web services and applications?  Interested in upgrading your skills around attacking modern web applications? Well now you have your chance! Secure Ideas is excited to announce the latest in our course offerings.  We will be …

Professionally Evil Web Penetration Testing ClassRead More »

SamuraiWTF Training with Charlotte ISSA

Charlotte ISSA will be hosting a two-day Samurai-WTF (Web Testing Framework) course led by myself (Jason Gillam of Secure Ideas) January 21st and 22nd.  Students will learn the latest Samurai-WTF open source tools and the latest manual techniques to perform an end-to-end penetration test. After a quick overview of pen testing methodology, the instructors will …

SamuraiWTF Training with Charlotte ISSARead More »

Professionally Evil Training: Tactical Burp Suite Webinar

Tactical Burp Suite Webinar Secure Ideas is excited to announce its latest upcoming online training.  We will be offering a two-hour session exploring Burp Suite and its use in a web application penetration test.  Kevin Johnson and James Jardine will explore the various features of Burp Suite, focused on how we use the system during …

Professionally Evil Training: Tactical Burp Suite WebinarRead More »

Tactical Burp Suite Webinar

We have decided to try something new here at Secure Ideas.  We have a long history (as long as the company actually) of doing webcasts and presentations around the country.  (And we plan on continuing those!)  But we thought maybe we could start doing some of our own.  So we have recently signed up with …

Tactical Burp Suite WebinarRead More »

Professionally Evil Toolkit – Sqlmap

In this series of the Professionally Evil Toolkit we will be talking about sqlmap. Sqlmap is an open source penetration testing tool that is written in python. Sqlmap automates the process of detecting/exploiting SQL injection flaws and taking over of database servers.  As you might know, SQL injection is ranked number one on the OWASP …

Professionally Evil Toolkit – SqlmapRead More »

Scroll to Top