Exploits

Discover expert insights on the latest exploits, penetration testing tactics, and real-world vulnerabilities to strengthen your cybersecurity defenses.

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

Articles Categorized as Exploits

  • Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
    Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
    Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage Engine AD Self Service Plus (CVE-2021-27956). Find out more here.
    Read More
  • LDAP Passback
    LDAP Passback and Why We Harp on Passwords
    LDAP passback exploits are easy when companies fail to change default passwords on network devices or fail to assign a password at all. If you connect it, you must protect it.
    Read More
  • The rdp_web_login Metasploit Module in Use
    New Metasploit Module: Microsoft Remote Desktop Web Access Authentication Timing Attack
    Raxis team member Matt Dunn has uncovered a vulnerability in Microsoft’s Remote Desktop Web Access application (RD Web Access). Learn more in this blog article.
    Read More
  • How to Pull Off a Mousejacking Attack
    How to Pull Off a Mousejacking Attack
    Raxis’ penetration testing team demonstrates how to conduct a mousejacking attack to gain access as part of a penetration test.
    Read More
  • Smart phone with security alert
    Imminent Threat for US Hospitals and Clinics, RYUK Ransomware Alert (AA20-302A) – Updated 11/2/2020
    A new nationwide cyberattack appears to be targeted at U.S. based hospitals, clinics, and other health care facilities. Healthcare on heightened alert.
    Read More
  • Tailgating into stairwell
    Why Tailgating is an Effective Hacker Tactic
    We’re conditioned to be helpful and accommodating. That’s why tailgating works so well for hackers. The Raxis penetration testing team shows how.
    Read More