Exploits | Raxis

Exploiting GraphQL, a query language inspired by the structure & functionality of online data storage[…]

Raxis demonstrates how to obtain a remote shell on a target system using a Log4j[…]

In the cyberworld, news of a critical vulnerability affecting OpenSSL versions 3.0 – 3.0.6 will[…]

This CSS vulnerability, discovered by Raxis lead penetration tester Matt Mathur, lies in a device’s[…]

Raxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777).

Matt Dunn discovers another ManageEngine vulnerability, this one in the Support Center Plus application.

Raxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer

The Dirty Pipe vulnerability (CVE-2022-0847) allows any user to write to read-only files, including files[…]

Raxis lead penetration tester Matt Dunn continues his prolific discovery of new cross-site scripting CVEs.[…]

In this post, Raxis VP Brad Herring explains how web proxy tools can turn even[…]

In this second in a series, learn how to perform Cross-Site Scripting (XSS) attacks such[…]

In this blog post, Raxis lead penetration tester Mark Fabian discusses broken access control and[…]