How To

Blog Archive Category

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

The Exploit articles categorized as How To

  • Cool Tools Series: MSFvenom
    , ,

    Cool Tools Series: How MSFvenom Powers Penetration Testing

     By Nathan Anderson Nathan Anderson intros MSFvenom, a Metasploit tool that generates & encodes payloads to obtain reverse shells & gain network access for penetration testing. October 8, 2024
  • Cool Tools Series: Nuclei
    , , ,

    Cool Tools Series: Nuclei for Penetration Tests

     By Andrew Trexler Raxis’ Andrew Trexler shows how useful Nuclei is for network and application penetration tests, discovering vulnerabilities such as default passwords and more. September 10, 2024
  • Cool Tools Series: NMAP for Penetration Tests
    , ,

    Cool Tools Series: NMAP for Penetration Tests

     By Adam Fernandez Raxis’ lead developer, Adam Fernandez, adds to our Cool Tools Series with a focus on Nmap: discovering live hosts that appear to be down and useful NSE scripts. July 30, 2024
  • Cool Tools Series: Host Discovery
    , ,

    Cool Tools Series: Host Discovery in Penetration Testing

     By Scottie Cole Raxis’ pentester, Scottie Cole, leads off our new Cool Tools Series with tips on tools for host discovery and vulnerability discovery for penetration tests. July 2, 2024
  • SQL Injection Attack
    , ,

    SQLi Series: SQL Timing Attacks for Penetration Testing

     By Andrew Trexler Andrew Trexler’s SQLi Series is back, demonstrating SQL Timing Attacks using MySQL’s sleep function in Blind SQL Injection attacks for penetration testing. May 7, 2024
  • SQL Injection
    , ,

    SQLi Series: An Introduction to SQL Injection for Penetration Testing

     By Andrew Trexler Raxis’ Andrew Trexler explains what SQL Injection (SQLi) is and how to perform a simple exploit against a web app login page in penetration tests. April 9, 2024