The Exploit Blog | Penetration Testing & Cybersecurity Insights by Raxis

Discover the Art of Penetration Testing

The Exploit is Raxis’ cybersecurity blog where our penetration testers and red team experts share real-world insights, attack techniques, and strategies to strengthen defenses against evolving threats. We feature expert advice, detailed breakdowns of exploits, and practical guidance to help organizations understand and respond to today’s most pressing security challenges.

Bypassing a WAF and a CSP with Google Tag Manager: An Attacker’s Perspective and Remediation Advice

By Ryan Chaplin

Posted in How To, Injection Attacks, Security Recommendations, Web Apps

Ryan Chaplin takes an in-depth look at how attackers can use unsafe directives to bypass CSP, notably in Google Tag Manager, and how to remediate the issue.

Exploits | In The News | Patching | Security Recommendations

CVE-2025-59886 Eaton Exploit Code Published

By Jason Taylor

Posted in Exploits, In The News, Patching, Security Recommendations

With exploit code available for the vulnerabilities in Eaton’s xComfort Ethernet Communication Interface, Jason Taylor recommends replacing or isolating.

In The News | Password Cracking | Security Recommendations

Publicly Accessible Database Discovered Hosting 149 Million Credentials

By Andrew Trexler

Posted in In The News, Password Cracking, Security Recommendations

Andrew Trexler looks at a recently discovered public database of stolen usernames and passwords and what you can do now to protect your access and information.

How To | Red Team |

PSE & Red Team Series: Social Engineering

By Nathan Anderson

Posted in How To, Red Team,

Lead Penetration Tester Nathan Anderson is back with more PSE and red team tips, including tailgating, impersonating, and pretexts to gain onsite access.

Exploits | In The News | Security Recommendations | Web Apps

The Growing Threat: Attackers Using GitHub Repositories as Malware Staging Mechanisms

By Brian Tant

Posted in Exploits, In The News, Security Recommendations, Web Apps

Recent attacks, including GitVenom and Lumma Stealer, underscore the threat of Attackers using GitHub repositories as malware staging mechanisms.

Search The Exploit

Stay up to date with the latest in penetration testing

Name(Required)

First Last

Email(Required)

Newsletter(Required)

Do you wish to join our newsletter? We send out emails once a month that cover the latest in cybersecurity news. We do not sell your information to other parties.

Yes! Please send me Popped Culture, the Raxis Newsletter.

Cybersecurity Insights From The Frontlines