Ryan Chaplin

Ryan, OSCP, has performed penetration testing services for clients across a variety of industries from hospitals to non-profits to S&P 500 companies. He has been awarded for his work from numerous companies including NASA JPL. Prior to working in Offensive Security his work focused on the intersection of Software Development, Digital Marketing, and Security. He also enjoys playing basketball, reading, the arts, and watching way too much Netflix.

Ryan can be reached by contacting us.

Autonomous Supply-Chain Worm Compromises Postman, PostHog, Zapier, and 26k Others

By Ryan Chaplin

Posted in AI, In The News

Operating fully autonomously, this new supply-chain malware has compromised Postman, PostHog, Zapier and 26k others. Learn what your organization should do now.

AI-Augmented Series: LLM-Aided Enumeration for Dormant WordPress Account Discovery

By Ryan Chaplin

Posted in AI

Ryan Chaplin leads off our Augmented-AI series with a scenario from a recent pentest using AI to write a script to discover an account to gain system access.

Windows Kills Common Offline/Account-less Install Method

By Ryan Chaplin

Posted in In The News, Networks

Microsoft Windows recently announced the removal of local-only installs on Windows 11. Raxis’ Ryan Chaplin looks at concerns and possible options.

Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios

By Ryan Chaplin

Posted in Exploits, Penetration Testing, Security Recommendations, Web Apps

Lead Penetration Tester Ryan Chaplin walks us through 5 real-world attack scenarios used in real-world penetration tests by Raxis.

Password Series: 8 Practical First Steps to Crack Difficult Passwords in Penetration Tests

By Ryan Chaplin

Posted in How To, Password Cracking, Penetration Testing

From rulesets & hardware to wordlists and mask attacks, Lead Penetration Tester Ryan Chaplin shows how to crack difficult password hashes in penetration tests.