Category: Exploits
-
This post will show you how to setup a simple Active Directory (AD) test environment. Further posts in the series will show how to use this environment to test hacking exploits.
-
This post will show you how to take advantage of some weak spots in GraphQL.
-
In this article, Raxis’ CEO Mark Puckett describes how penetration testers and ethical hackers can exploit the dangerous new Log4J vulnerability (CVE 2021-44228)
-
In the cyberworld, news of a critical vulnerability affecting OpenSSL versions 3.0 – 3.0.6 will likely be the scariest part of Halloween ’22.
-
This CSS vulnerability, discovered by Raxis lead penetration tester Matt Mathur, lies in a device’s properties and how they are verified and displayed within PRTG Network Monitor.
-
Raxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777).
-
Matt Dunn discovers another ManageEngine vulnerability, this one in the Support Center Plus application.
-
Raxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer CVE-2022-25245
-
Andrew Trexler, Raxis senior penetration tester demonstrates how to exploit the “Dirty Pipe” vulnerability (CVE-2022-0847).
-
Raxis lead penetration tester Matt Dunn continues his prolific discovery of new cross-site scripting CVEs. This one affects ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS).