The Exploit

Notes from the Front Lines of Penetration Testing

**Welcome to The Exploit, the official blog of Raxis.**

Our team of expert penetration testers and red team operators share insights on cybersecurity, real-world attack techniques, and the latest threat trends. From uncovering vulnerabilities to demonstrating how attackers think, The Exploit delivers practical knowledge to help organizations strengthen their defenses.

Raxis doesn’t just talk about cybersecurity — we live it every day. The Exploit is your front-row seat to the tactics, stories, and strategies that help organizations stay ahead of attackers.

In The News | Phishing | Social Engineering

SpamGPT: Protecting Your Company From Large-Scale Phishing

October 9, 2025

by Nathan Anderson

1-6 of 228 results

Cool Tools Series: Kerbrute

By

Andrew Trexler

Raxis Principal Penetration Tester Andrew Trexler walks through the many uses of Kerbrute from user enumeration to brute-forcing and password spraying.
Read more
Microsoft Copilot Coming Soon to a Desktop Near You

By

Jason Taylor

With Microsoft automatically installing Copilot on Windows systems with Microsoft 365 desktop apps installed, organizations will want to set up AI policies.
Read more
Lateral Movement: From Beachhead to Breach

By

Nate Jernigan

Raxis Senior Penetration Tester Nate Jernigan discusses lateral movement in penetration testing and the methods and tools he uses when performing these attacks.
Read more
Lessons from the DaVita Healthcare Ransomware Attack

By

Brian Tant

The DaVita ransomware attack is one of the most impactful recent healthcare breaches. Learn what happened and what could have been done to limit…
Read more
HTTP/1.1 Security News: What You Can Do Now

By

Jason Taylor

A recent Portswigger white paper on HTTP/1.1 highlights critical security issues. If you use old products that still require it, here’s what you can…
Read more
Dev’s Fast Reporting of Phish Reduced Impact on Blockchain Malware Attacks

By

Andrew Trexler

A recent successful phish allowed attackers to run malware targeting cryptocurrency transactions on various blockchains, but fast reporting limited the damage.
Read more