Cool Tools Series: Host Discovery
Raxis’ pentester, Scottie Cole, leads off our new Cool Tools Series with tips on tools[…]
SQLi Series: SQL Timing Attacks
Andrew Trexler is back with his SQLi Series, this time demonstrating SQL Timing Attacks using[…]
SQLi Series: An Introduction to SQL Injection
In this first in a new series, Raxis’ Andrew Trexler explains what SQL Injection (SQLi)[…]
AD Series: Resource Based Constrained Delegation (RBCD)
Learn to exploit msDS-AllowedToActOnBehalfOfOtherIdentitity to gain administrative access in a Resource Based Constrained Delegation (RBCD)
AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py
Raxis’ Andrew Trexler ran into some issues with certipy when testing on port 443 and[…]
AD Series: Active Directory Certificate Services (ADCS) Misconfiguration Exploits
Raxis’ Andrew Trexler adds to his Active Directory series with a thorough tutorial of Active[…]
AD Series: How to Perform Broadcast Attacks Using NTLMRelayx, MiTM6 and Responder
Andrew Trexler continues his AD Series with an in-depth tutorial on broadcast Attacks using NTLMRelayx,[…]
How to Create an AD Test Environment
Andrew Trexler walks us through creating a simple AD test environment to test new hacks[…]
Exploiting GraphQL
Exploiting GraphQL, a query language inspired by the structure & functionality of online data storage[…]
Log4j: How to Exploit and Test this Critical Vulnerability
Raxis demonstrates how to obtain a remote shell on a target system using a Log4j[…]
Exploiting Dirty Pipe (CVE-2022-0847)
The Dirty Pipe vulnerability (CVE-2022-0847) allows any user to write to read-only files, including files[…]
Hackers See Opportunity Where You See Only a Button
In this post, Raxis VP Brad Herring explains how web proxy tools can turn even[…]
2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA
+1 678.421.4544
© 2024 Raxis, LLC – All rights reserved