How To

Blog Archive Category

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

The Exploit articles categorized as How To

  • Log4 Exploit Walkthrough
    ,

    Log4j: How to Exploit and Test this Critical Vulnerability on Penetration Tests

     By Mark Puckett Raxis demonstrates how to obtain a remote shell on a target system during penetration tests using a Log4j open-source exploit available to all. (CVE-2021-44228) November 18, 2022
  • Exploiting Dirty Pipe (CVE-2022-0847)
    ,

    Exploiting Dirty Pipe (CVE-2022-0847)

     By Andrew Trexler The Dirty Pipe vulnerability (CVE-2022-0847) allows any user to write to read-only files, including files that are owned by root, allowing privilege escalation. May 26, 2022
  • Submit Button
    , , ,

    Hackers See Opportunity Where You See Only a Button

     By Brad Herring In this post, Raxis VP Brad Herring explains how web proxy tools can turn even simple buttons and check-boxes into avenues for an attack. April 1, 2022
  • How to Hire a Penetration Testing Firm Part Two
    ,

    How to Hire a Penetration Testing Firm – Part 2

     By Bonnie Smyre Is your organization is in the market for a penetration test? Raxis’ COO Bonnie Smyre continues her two-part series on how to hire a penetration testing firm. March 18, 2022
  • Penetration Testing Types
    ,

    How to Hire a Penetration Testing Firm – Part 1

     By Bonnie Smyre Raxis’ COO Bonnie Smyre offers some helpful hints about how to start the process of hiring a penetration testing company. February 25, 2022
  • Matt Dunn Mathur
    ,

    Reporting Tools for Large Penetration Tests

     By Raxis Research Team Raxis lead penetration tester Matt Dunn has developed three new tools to make it easier to compile and present findings from large penetration tests. February 11, 2022