Skip to content
Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycleâ„¢, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us
Contact Raxis Login
Raxis
Contact RaxisIcon Link to Contact Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycleâ„¢, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us
  • Cool Tools Series: Kerbrute
    Exploits | Networks | Penetration Testing | Red Team

    Cool Tools Series: Kerbrute

    ByAndrew Trexler October 7, 2025September 3, 2025

    Raxis Principal Penetration Tester Andrew Trexler walks through the many uses of Kerbrute from user enumeration to brute-forcing and password spraying.

    Read More Cool Tools Series: KerbruteContinue

  • Dev's Fast Reporting of Phish Reduced Impact on Blockchain Malware Attacks
    In The News | Phishing

    Dev’s Fast Reporting of Phish Reduced Impact on Blockchain Malware Attacks

    ByAndrew Trexler September 11, 2025September 9, 2025

    A recent successful phish allowed attackers to run malware targeting cryptocurrency transactions on various blockchains, but fast reporting limited the damage.

    Read More Dev’s Fast Reporting of Phish Reduced Impact on Blockchain Malware AttacksContinue

  • How AI Makes Phishing Easy & What to Watch For
    Phishing | Social Engineering | Tips For Everyone

    How AI Makes Phishing Easy & What to Watch For

    ByAndrew Trexler May 6, 2025April 17, 2025

    Principal Penetration Tester Andrew Trexler got curious how easy it might be to customize a phish to a specific website using AI. The answer? Very easy.

    Read More How AI Makes Phishing Easy & What to Watch ForContinue

  • AD Series: Using Evil-WinRM to Get NTDS Manually
    Exploits | How To

    AD Series: Using Evil-WinRM to Get NTDS Manually in Penetration Tests

    ByAndrew Trexler March 11, 2025August 19, 2025

    Principal Penetration Tester Andrew Trexler’s Active Directory series is back, showing how to use Evil-WinRM to copy NTDS.dit manually in penetration tests.

    Read More AD Series: Using Evil-WinRM to Get NTDS Manually in Penetration TestsContinue

  • Cool Tools Series: Vim
    How To | Penetration Testing

    Cool Tools Series: How Vim Powers Penetration Testing

    ByAndrew Trexler January 14, 2025August 17, 2025

    Principal Penetration Tester, Andrew Trexler, dives into Vim, a powerful command line tool for text files, and shows useful commands for penetration testing.

    Read More Cool Tools Series: How Vim Powers Penetration TestingContinue

  • Cool Tools Series: Masscan
    How To | Penetration Testing

    Cool Tools Series: Masscan for Penetration Testing

    ByAndrew Trexler December 3, 2024June 16, 2025

    Continuing our Cool Tools Series, Lead Penetration Tester Andrew Trexler shows how to use masscan for discovery scanning on large networks in penetration tests.

    Read More Cool Tools Series: Masscan for Penetration TestingContinue

  • Cool Tools Series: Nuclei
    Exploits | How To | Networks | Penetration Testing

    Cool Tools Series: Nuclei for Penetration Tests

    ByAndrew Trexler September 10, 2024August 19, 2025

    Raxis’ Andrew Trexler shows how useful Nuclei is for network and application penetration tests, discovering vulnerabilities such as default passwords and more.

    Read More Cool Tools Series: Nuclei for Penetration TestsContinue

  • SQL Injection Attack
    Exploits | How To | Injection Attacks

    SQLi Series: SQL Timing Attacks for Penetration Testing

    ByAndrew Trexler May 7, 2024June 16, 2025

    Andrew Trexler’s SQLi Series is back, demonstrating SQL Timing Attacks using MySQL’s sleep function in Blind SQL Injection attacks for penetration testing.

    Read More SQLi Series: SQL Timing Attacks for Penetration TestingContinue

  • SQL Injection
    Exploits | How To | Injection Attacks

    SQLi Series: An Introduction to SQL Injection for Penetration Testing

    ByAndrew Trexler April 9, 2024June 16, 2025

    Raxis’ Andrew Trexler explains what SQL Injection (SQLi) is and how to perform a simple exploit against a web app login page in penetration tests.

    Read More SQLi Series: An Introduction to SQL Injection for Penetration TestingContinue

  • AD Series: Resource Based Constrained Delegation (RBCD) Exploits
    Exploits | How To

    AD Series: Resource Based Constrained Delegation (RBCD) for Penetration Testing

    ByAndrew Trexler March 12, 2024June 16, 2025

    Exploit msDS-AllowedToActOnBehalfOfOtherIdentitity to gain administrative access in a Resource Based Constrained Delegation (RBCD) attack on penetration tests.

    Read More AD Series: Resource Based Constrained Delegation (RBCD) for Penetration TestingContinue

  • AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py
    Exploits | How To

    AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py for Penetration Tests

    ByAndrew Trexler January 23, 2024June 16, 2025

    Andrew Trexler ran into issues with certipy when testing on port 443 and found that NTLMRelayx.py worked better in for those ADCS Exploits on penetration tests.

    Read More AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py for Penetration TestsContinue

  • Active Directory Certificate Services (ADCS) Misconfiguration Exploits
    Exploits | How To

    AD Series: Active Directory Certificate Services (ADCS) Misconfiguration Exploits for Penetration Tests

    ByAndrew Trexler August 10, 2023July 28, 2025

    Andrew Trexler adds to his AD series with a tutorial of Active Directory Certificate Services (ADCS) misconfiguration exploits for penetration tests.

    Read More AD Series: Active Directory Certificate Services (ADCS) Misconfiguration Exploits for Penetration TestsContinue

Page navigation

1 2 Next PageNext

2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA

Contact us online

About Raxis

  • About Raxis
  • Careers
  • Terms and Conditions
  • Privacy Policy
  • Partners, Apply Here

Resources

  • The Exploit
  • Transporter Remote Penetration Testing
  • Penetration Test Glossary
  • What is a Penetration Test?
Facebook X Instagram Linkedin YouTube