Linux X86 Assembly – How To Make Payload Extraction Easier

Overview In the last blog post of the X86 Linux assembly series, we focused on how to make our Hello World payload friendly for use as a payload in exploits.  However, we didn’t cover how to extract the payload itself for use in exploits.  Sure you cou… Continue reading Linux X86 Assembly – How To Make Payload Extraction Easier

LD_PRELOAD: How to Run Code at Load Time

    Today I want to continue the series on using LD_PRELOAD.  In previous posts, we covered how to inject a shared object binary into a process, and use that to hijack a library function call to run our own code.  This is great when we want to overwrit… Continue reading LD_PRELOAD: How to Run Code at Load Time

How to configure Android (Virtual) for Mobile PenTest

This post is about setting up an Android Virtual Machine (AVD) for a mobile application penetration test.
The post How to configure Android (Virtual) for Mobile PenTest appeared first on Security Boulevard.
Continue reading How to configure Android (Virtual) for Mobile PenTest

Encryption – CISSP Domain 3

We’re circling back to some more CISSP-related materials.  Today’s topic will be encryption, which can be found in CISSP Domain 3. By its very nature, encryption is meant to hide the meaning or intent of a communication from unintended… Continue reading Encryption – CISSP Domain 3

Encoding – CISSP Domain 3

Today we’re going to take a quick look at encoding, as covered in Domain 3 of the CISSP common body of knowledge (CBK). There is often some confusion between encoding and encryption, so one of the purposes of this article is to look at how the CB… Continue reading Encoding – CISSP Domain 3

Workplace Surveillance, Apple and Google Contact Tracing Tech, Virtual Cybersecurity Conferences

In episode 119 for May 4th 2020: The use of thermal cameras and other technology to monitor the workplace for COVID-19, more details about Apple and Google’s contact tracing framework, and are virtual security conferences the new normal? ** Show … Continue reading Workplace Surveillance, Apple and Google Contact Tracing Tech, Virtual Cybersecurity Conferences

Welcome to the New Secureideas.com

We are excited to announce the launch of the new Secure Ideas website. It is located at the same url: https://www.secureideas.com. We hope you like our new look, designed to help you learn more about us and find the services that you need. Our performa… Continue reading Welcome to the New Secureideas.com

Professionally Evil CISSP Certification: Breaking the Bootcamp Model

ISC2 describes the CISSP as a way to prove “you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program”.  It is one of the primary certifications used as a stepping stone in your cybersecur… Continue reading Professionally Evil CISSP Certification: Breaking the Bootcamp Model

Finding Your Weakness: Triaging Your Domains with SWAT

I have been involved in IT and security in one way or another for almost 30 years.  I have worked full time for organizations and consulted in a wide variety of jobs and responsibilities.  But one of the common issues I have seen and been par… Continue reading Finding Your Weakness: Triaging Your Domains with SWAT