Skip to content
Raxis
  • Home
  • Services
      Red Team Penetration Testing
    • Red Team
    • Breach and Attack Simulation
    • Phishing and Spear Phishing
    • Physical Penetration Testing
      • Penetration Testing
    • Penetration Testing Services
    • Raxis Attack: PTaaS
    • Raxis Strike: Penetration Test
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • Cybersecurity Services
    • Elite Cybersecurity Services
    • Attack Surface Management
    • Cybersecurity Code Review
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Healthcare (HIPAA, FDA)
    • SOC 2
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Manufacturing
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Become a Raxis Partner
    • Careers
    • Certifications
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Raxis One
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • Transporter Remote Pentesting
    • What is a Penetration Test?
  • The Exploit Blog
  • About Us
Contact Raxis Login
Raxis
Contact RaxisIcon Link to Contact Raxis
  • Home
  • Services
      Red Team Penetration Testing
    • Red Team
    • Breach and Attack Simulation
    • Phishing and Spear Phishing
    • Physical Penetration Testing
      • Penetration Testing
    • Penetration Testing Services
    • Raxis Attack: PTaaS
    • Raxis Strike: Penetration Test
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • Cybersecurity Services
    • Elite Cybersecurity Services
    • Attack Surface Management
    • Cybersecurity Code Review
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Healthcare (HIPAA, FDA)
    • SOC 2
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Manufacturing
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Become a Raxis Partner
    • Careers
    • Certifications
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Raxis One
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • Transporter Remote Pentesting
    • What is a Penetration Test?
  • The Exploit Blog
  • About Us

Cybersecurity Insights From The Frontlines

  • CVE‑2020‑12812 and Why It’s Still an Issue Five Years Later
    Exploits | In The News | Patching | Security Recommendations

    CVE‑2020‑12812 and Why It’s Still an Issue Five Years Later

    ByScottie Cole January 16, 2026January 12, 2026

    Principal Penetration Tester Scottie Cole explains why Fortinet released a new security advisory about CVE‑2020‑12812 and what your organization should check.

    Read More CVE‑2020‑12812 and Why It’s Still an Issue Five Years LaterContinue

  • Data Theft Exploit: DNS Exfiltration Attack
    Exploits | How To | Networks | Penetration Testing | Red Team

    Data Theft Exploit Part 2: DNS Exfiltration Attack

    ByJason Taylor January 13, 2026November 14, 2025

    Raxis’ Jason Taylor is back with a detailed tutorial on performing both manual and automated DNS exfiltration attacks for pentesting.

    Read More Data Theft Exploit Part 2: DNS Exfiltration AttackContinue

  • Why 8-Character Passwords Are No Longer Enough: Lessons from the Raxis Password Cracker
    In The News | Networks | Password Cracking | Penetration Testing | Security Recommendations

    Why 8-Character Passwords Are No Longer Enough: Lessons from the Raxis Password Cracker

    ByBrad Herring January 9, 2026January 7, 2026

    With the start of 2026, the Raxis team is already busy. A new upgrade to our password-cracking system shows how quickly 8-character passwords can be cracked.

    Read More Why 8-Character Passwords Are No Longer Enough: Lessons from the Raxis Password CrackerContinue

  • Cross-Site Scripting (XSS): Cookie Theft - Advanced Payloads
    Exploits | How To | Web Apps

    Cross-Site Scripting (XSS): Cookie Theft – Advanced Payloads

    ByRaxis Research Team December 18, 2025November 21, 2025

    We reached into our vaults to bring you the final video in our cross-site scripting (XSS) series. Learn about cookie theft, website defacement, and CSRF attacks.

    Read More Cross-Site Scripting (XSS): Cookie Theft – Advanced PayloadsContinue

  • Data Theft Exploit: DNS Exfiltration Setup
    Exploits | How To | Networks | Penetration Testing | Red Team

    Data Theft Exploit Part 1: DNS Exfiltration Setup

    ByJason Taylor December 16, 2025November 14, 2025

    Raxis Lead Penetration Tester Jason Taylor’s in-depth tutorial explains setting up a server for DNS exfiltration. Check back next month to run the attack.

    Read More Data Theft Exploit Part 1: DNS Exfiltration SetupContinue

  • Salesforce Compromise: What You Need to Know
    Exploits | In The News | Phishing | Security Recommendations

    Salesforce Compromise: What You Need to Know

    ByJason Taylor October 15, 2025October 13, 2025

    The FBI has released information to help organizations that are affected by recent attacks against Salesforce. Raxis’ Jason Taylor sums up next steps here.

    Read More Salesforce Compromise: What You Need to KnowContinue

  • Cool Tools Series: Kerbrute
    Exploits | Networks | Penetration Testing | Red Team

    Cool Tools Series: Kerbrute

    ByAndrew Trexler October 7, 2025September 3, 2025

    Raxis Principal Penetration Tester Andrew Trexler walks through the many uses of Kerbrute from user enumeration to brute-forcing and password spraying.

    Read More Cool Tools Series: KerbruteContinue

  • Lateral Movement: From Beachhead to Breach
    Exploits | How To | Networks | Penetration Testing | Security Recommendations

    Lateral Movement: From Beachhead to Breach

    ByNate Jernigan September 23, 2025August 21, 2025

    Raxis Senior Penetration Tester Nate Jernigan discusses lateral movement in penetration testing and the methods and tools he uses when performing these attacks.

    Read More Lateral Movement: From Beachhead to BreachContinue

  • Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios
    Exploits | Penetration Testing | Security Recommendations | Web Apps

    Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios

    ByRyan Chaplin August 26, 2025July 11, 2025

    Lead Penetration Tester Ryan Chaplin walks us through 5 real-world attack scenarios used in real-world penetration tests by Raxis.

    Read More Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack ScenariosContinue

  • Raspberry Pi
    Exploits | Penetration Testing | Red Team

    Raspberry Pi Planted in Failed ATM Heist

    ByBrian Tant August 14, 2025September 2, 2025

    Raxis Chief Penetration Tester Brian Tant discusses the Raspberry Pi used in a recent ATM heist and how Raxis uses the same type of device in our pentesting.

    Read More Raspberry Pi Planted in Failed ATM HeistContinue

  • Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities
    Exploits | In The News | Patching | Security Recommendations

    Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities

    ByJason Taylor July 22, 2025August 22, 2025

    Microsoft has released patches for two critical vulnerabilities allowing unauthenticated remote code execution that affect on-premises SharePoint installations.

    Read More Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint VulnerabilitiesContinue

  • OWASP Top 10 for LLM Applications
    AI | Exploits | Penetration Testing | Web Apps

    OWASP Top 10 for LLM Applications Penetration Testing

    ByJason Taylor July 15, 2025November 10, 2025

    Lead Penetration Tester Jason Taylor looks at OWASP’s Top 10 list for LLM applications for penetration testing as AI machine learning becomes prevalent.

    Read More OWASP Top 10 for LLM Applications Penetration TestingContinue

Page navigation

1 2 3 … 6 Next PageNext

2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA

+1 678.421.4544

Contact us online for faster response

About Raxis

  • About Raxis
  • Careers
  • Terms and Conditions
  • Privacy Policy
  • Penetration Testing Partner Program

Resources

  • The Exploit Blog
  • Transporter Remote Penetration Testing
  • Penetration Test Glossary
  • What is a Penetration Test?
Facebook X Instagram Linkedin YouTube