Exploits

Discover expert insights on the latest exploits, penetration testing tactics, and real-world vulnerabilities to strengthen your cybersecurity defenses.

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

Articles Categorized as Exploits

  • Cool Tools Series: Nuclei
    Cool Tools Series: Nuclei for Penetration Tests
    Raxis’ Andrew Trexler shows how useful Nuclei is for network and application penetration tests, discovering vulnerabilities such as default passwords and more.
    Read More
  • Password Length: More than Just a Question of Compliance
    Password Length: More than Just a Question of Compliance
    Password length requirements are a key part of password security, but, with PCI, NIST, OWASP, and CIS offering different recommendations, what length is best?
    Read More
  • SQL Injection Attack
    SQLi Series: SQL Timing Attacks for Penetration Testing
    Andrew Trexler’s SQLi Series is back, demonstrating SQL Timing Attacks using MySQL’s sleep function in Blind SQL Injection attacks for penetration testing.
    Read More
  • SQL Injection
    SQLi Series: An Introduction to SQL Injection for Penetration Testing
    Raxis’ Andrew Trexler explains what SQL Injection (SQLi) is and how to perform a simple exploit against a web app login page in penetration tests.
    Read More
  • AD Series: Resource Based Constrained Delegation (RBCD) Exploits
    AD Series: Resource Based Constrained Delegation (RBCD) for Penetration Testing
    Exploit msDS-AllowedToActOnBehalfOfOtherIdentitity to gain administrative access in a Resource Based Constrained Delegation (RBCD) attack on penetration tests.
    Read More
  • Raxis Red Team
    An Inside Look at a Raxis Red Team
    The Raxis Red Team Test is our top tier test that gives a true feel of what hackers could do. Curious to know more? Take a look at this short video.
    Read More