Log4 Exploit Walkthrough
Log4j: How to Exploit and Test this Critical Vulnerability

In this article, Raxis’ CEO Mark Puckett describes how penetration testers and ethical hackers can[…]

OPENSSL v3.0.x: Critical Threat Alert
RAXIS THREAT ALERT: VULNERABILITY IN OPENSSL v3.0.x

In the cyberworld, news of a critical vulnerability affecting OpenSSL versions 3.0 – 3.0.6 will[…]

CVE-2022-35739: PRTG Network Monitor Cascading Style Sheets (CSS) Injection
CVE-2022-35739: PRTG Network Monitor Cascading Style Sheets (CSS) Injection

This CSS vulnerability, discovered by Raxis lead penetration tester Matt Mathur, lies in a device’s[…]

You See a Wireless Mouse. We see an easy way in.
What to Expect with a Raxis Wireless Penetration Test

When Raxis conducts a penetration test on your wireless network, we’re coming with the technology,[…]

Starlink
5 Things You Should (and Shouldn’t) Take Away from the Starlink Hack

The hack of SpaceX’s Starlink shouldn’t distract security pros from the terrestrial threats that are[…]

CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References
CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References

Raxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777).

CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)
CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)

Matt Dunn discovers another ManageEngine vulnerability, this one in the Support Center Plus application.

Raxis Earns Five-Star Rating
Raxis Earns Five-Star Rating

Five stars from Clutch? We got ‘em! Read about why our customers think we rock.

Members of the Pensacola Catholic High School “Crubotics” team with their ROV.
Raxis Supports Pensacola ROV Team

Raxis is proud to sponsor the Pensacola Catholic High School “Crubotics” robotics team. Its members[…]

CVE-2022-25245: ManageEngine Asset Explorer Information Leakage
CVE-2022-25245: ManageEngine Asset Explorer Information Leakage

Raxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer

Exploiting Dirty Pipe (CVE-2022-0847)
Exploiting Dirty Pipe (CVE-2022-0847)

Andrew Trexler, Raxis senior penetration tester demonstrates how to exploit the “Dirty Pipe” vulnerability (CVE-2022-0847).

CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)
CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)

Raxis lead penetration tester Matt Dunn continues his prolific discovery of new cross-site scripting CVEs.[…]