Raxis Research Team

The Raxis Research Team is dedicated to staying ahead of the threat landscape. Our experts dig into emerging exploits, uncover hidden vulnerabilities, and develop resources that power our penetration testing engagements. By combining curiosity with technical precision, the team equips Raxis testers with cutting-edge intelligence to simulate real-world attacks and strengthen client defenses.

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

The Exploit articles written by Raxis Research Team

  • Unescaped JavaScript Tags
    ,

    ManageEngine Key Manager Plus Cross-Site Scripting Vulnerability (CVE-2021-28382)

     By Raxis Research Team Raxis’ Lead Penetration Tester Matt Dunn discovers another cross-site scripting vulnerability in Zoho’s MangeEngine Key Manager Plus (CVE-2021-28382). June 11, 2021
  • Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
    ,

    Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)

     By Raxis Research Team Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage Engine AD Self Service Plus (CVE-2021-27956). Find out more here. May 20, 2021
  • LDAP Passback
    ,

    LDAP Passback and Why We Harp on Passwords

     By Raxis Research Team LDAP passback exploits are easy when companies fail to change default passwords on network devices or fail to assign a password at all. If you connect it, you must protect it. April 30, 2021
  • SonicWall
    ,

    SonicWall Patches Three Zero-Day Vulnerabilities

     By Raxis Research Team Cybersecurity company SonicWall has released patches for three zero-day vulnerabilities that are currently being exploited. April 21, 2021
  • Emblem of the Foreign Intelligence Service of the Russian Federation
    , ,

    NSA, FBI, CISA Statement on Russian SVR Activity

     By Raxis Research Team The US government is warning businesses to beware of vulnerabilities being exploited by the Russian Foreign Intelligence Service (SVR RF). But that’s not the only group taking advantage. Here’s what you should do. April 21, 2021