How To

Master penetration testing with Raxis “How To” tutorials. Get expert, step-by-step guides to uncover and fix vulnerabilities in your organization.

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

Articles Categorized as How To

  • PSE & Red Team Series: Looting
    PSE & Red Team Series: Looting
    Nathan Anderson continues his Physical Social Engineering and Red Team series with the final step: looting. Learn what shows value to stakeholders in reports.
    Read More
  • Building Security Tools from Source to Bypass Endpoint Security
    Building Security Tools from Source to Bypass Endpoint Security
    Endpoint security detects many malicious files created with pentest tools, but pentesters can sometimes bypass this by rebuilding source code. Learn how here.
    Read More
  • Cool Tools: Bloodhound CE
    Cool Tools: Bloodhound CE
    BloodHound’s Community Edition has everything a penetration tester needs to enumerate relationships in a domain in order to gain more access, even Domain Admin.
    Read More
  • Defense in Depth Against Linux Kernel Privilege Escalation
    Defense in Depth Against Linux Kernel Privilege Escalation: A Practical Guide for Container Workloads
    With current local privilege escalation exploits like Copy Fail and Dirty Frag active in the wild, harden your defenses to halt attacks even before patching.
    Read More
  • Cool Tools: NetExec (NXC) Fundamentals
    Cool Tools: NetExec (NXC) Fundamentals
    Now that CrackMapExec is no more, how is a pentester to rapidly test credentials, enumerate assets, spray passwords, and more? Learn the basics of NetExec here.
    Read More
  • Bypassing ChatGPT’s Open-Source Model Security Restrictions for Agentic Hacking
    Bypassing ChatGPT’s Open-Source Model Security Restrictions for Agentic Hacking
    Ryan Chaplin wondered what it would take to bypass ChatGPT’s open-source model security restrictions to allow AI to hack his website. See how he did it here.
    Read More