Exploits

Blog Archive Category

The Exploit: Penetration Testing Insights From The Frontlines

The Exploit articles categorized as Exploits

  • How to Create an Active Directory Test Environment

    How to Create an AD Test Environment to Use for Penetration Testing

    By Andrew Trexler

    Andrew Trexler walks us through creating a simple AD test environment to test new hacks before trying them on a penetration test.

    April 27, 2023
  • Exploiting GraphQL

    Exploiting GraphQL for Penetration Testing

    By bjager

    Exploiting GraphQL, a query language inspired by the structure & functionality of online data storage & collaboration platforms Meta, Instagram & Google Sheets.

    March 28, 2023
  • Log4 Exploit Walkthrough

    Log4j: How to Exploit and Test this Critical Vulnerability on Penetration Tests

    By Mark Puckett

    Raxis demonstrates how to obtain a remote shell on a target system during penetration tests using a Log4j open-source exploit available to all. (CVE-2021-44228)

    November 18, 2022
  • OPENSSL v3.0.x: Critical Threat Alert

    RAXIS THREAT ALERT: VULNERABILITY IN OPENSSL v3.0.x

    By Brad Herring

    In the cyberworld, news of a critical vulnerability affecting OpenSSL versions 3.0 – 3.0.6 will likely be the scariest part of Halloween ’22.

    October 31, 2022
  • CVE-2022-35739: PRTG Network Monitor Cascading Style Sheets (CSS) Injection


    By Raxis Research Team

    This CSS vulnerability, discovered by Raxis’ Matt Mathur, lies in a device’s properties and how they are verified and displayed within PRTG Network Monitor.

    October 21, 2022
  • CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References


    By Raxis Research Team

    Raxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777).

    July 21, 2022