Skip to content
Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycle™, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us
Contact Raxis Login
Raxis
Contact RaxisIcon Link to Contact Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycle™, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us
The Exploit Blog

Raxis Cybersecurity Insights From The Frontlines

  • Corporate Cybersecurity
    Tips For Everyone

    What Companies Should be Telling Investors about Cybersecurity

    ByMark Puckett July 2, 2021

    Investors shoulder much of a company’s cybersecurity risks. They deserve as much information about the safeguards as is prudent to reveal.

    Read More What Companies Should be Telling Investors about CybersecurityContinue

  • JavaScript Execution to Display User's Cookie in an Alert Box
    Security Recommendations

    ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability (CVE-2021-31813)

    ByRaxis Research Team June 25, 2021July 28, 2025

    Raxis’ Matt Dunn has discovered another ManangeEngine cross-site scripting (XSS) vulnerability, this time in the Applications Manager product (CVE-2021-31813).

    Read More ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability (CVE-2021-31813)Continue

  • Computer, tablet and smart phone
    Penetration Testing | Web Apps

    What You Need to Know (But Were Afraid to Ask) about Raxis Web App Testing

    ByBrad Herring June 18, 2021July 28, 2025

    When testing web apps, the diverse skills Raxis brings to the table ensure that you get meaningful, actionable findings that will make your app more secure.

    Read More What You Need to Know (But Were Afraid to Ask) about Raxis Web App TestingContinue

  • Unescaped JavaScript Tags
    Exploits

    ManageEngine Key Manager Plus Cross-Site Scripting Vulnerability (CVE-2021-28382)

    ByRaxis Research Team June 11, 2021July 28, 2025

    Raxis’ Lead Penetration Tester Matt Dunn discovers another cross-site scripting vulnerability in Zoho’s MangeEngine Key Manager Plus (CVE-2021-28382).

    Read More ManageEngine Key Manager Plus Cross-Site Scripting Vulnerability (CVE-2021-28382)Continue

  • Raxis Transporter
    Penetration Testing

    Raxis’ Transporter Enables Remote Penetration Testing

    ByTim Semchenko June 4, 2021July 28, 2025

    Tim Semchenko explains how Raxis Transporter enables our team to conduct internal and wireless penetration tests remotely.

    Read More Raxis’ Transporter Enables Remote Penetration TestingContinue

  • Clickjacking causes user to unknowingly purchase tickets
    How To

    Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester Perspective

    ByAdam Fernandez May 28, 2021June 16, 2025

    Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents less of a threat now than it once did. Adam also talks about how clickjacking differs from similar attacks.

    Read More Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester PerspectiveContinue

  • Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
    Exploits

    Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)

    ByRaxis Research Team May 20, 2021July 26, 2025

    Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage Engine AD Self Service Plus (CVE-2021-27956). Find out more here.

    Read More Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)Continue

  • Two people at laptops sending data at each other
    In The News | Security Recommendations

    Why Mutual Assured Destruction is an Incomplete Cyber Defense Strategy

    ByBonnie Smyre May 14, 2021July 28, 2025

    Is the threat of full-scale retaliation enough to prevent large-scale cyberattacks? Raxis’ Bonnie Smyre explains why this Cold War strategy is not effective.

    Read More Why Mutual Assured Destruction is an Incomplete Cyber Defense StrategyContinue

  • Go Phish
    How To | Phishing

    Phish Like the Pros

    ByScottie Cole May 7, 2021July 27, 2025

    Phish attacks are a significant threat to all organizations. In this video Raxis’ Scottie Cole shares tips and tricks for phishing assessments.

    Read More Phish Like the ProsContinue

  • LDAP Passback
    Exploits | How To

    LDAP Passback and Why We Harp on Passwords

    ByRaxis Research Team April 30, 2021June 6, 2025

    LDAP passback exploits are easy when companies fail to change default passwords on network devices or fail to assign a password at all. If you connect it, you must protect it.

    Read More LDAP Passback and Why We Harp on PasswordsContinue

  • .be .wa .re .sc .am .me .rs
    Security Recommendations

    A High-Tech Take on an Old-Time Scam

    ByBrian Tant April 23, 2021

    Don’t fall prey to scammers trying to convince you that your domain name is about to be stolen by an overseas company.

    Read More A High-Tech Take on an Old-Time ScamContinue

  • SonicWall
    Patching | Security Recommendations

    SonicWall Patches Three Zero-Day Vulnerabilities

    ByRaxis Research Team April 21, 2021

    Cybersecurity company SonicWall has released patches for three zero-day vulnerabilities that are currently being exploited.

    Read More SonicWall Patches Three Zero-Day VulnerabilitiesContinue

Page navigation

Previous PagePrevious 1 2 3 4 5 Next PageNext

2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA

Contact us online

About Raxis

  • About Raxis
  • Careers
  • Terms and Conditions
  • Privacy Policy
  • Partners, Apply Here

Resources

  • The Exploit
  • Transporter Remote Penetration Testing
  • Penetration Test Glossary
  • What is a Penetration Test?
Facebook X Instagram Linkedin YouTube