How To

Blog Archive Category

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines

The Exploit articles categorized as How To

  • Offensive Security OSCP
    ,

    So, You Want to Earn Your OSCP?

     By Andrew Trexler What’s it like to earn your OSCP? Raxis senior penetration tester Andrew Trexler talks about his experience preparing for and taking the exam. February 4, 2022
  • Metasploit Module: Azure AD Login Scanner
    ,

    New Metasploit Module for Penetration Testing: Azure AD Login Scanner

     By Raxis Research Team Raxis’ Matt Dunn has published another Metasploit module, this one describing a vulnerability in Azure’s Active Directory Seamless Single Sign-on. Learn more here. November 23, 2021
  • Cross-Site Scripting: Filter Evasion & Sideloading Payloads
    ,

    Cross-Site Scripting (XSS): Filter Evasion and Sideloading

     By Raxis Research Team In this second in a series, learn how to perform Cross-Site Scripting (XSS) attacks such as filter evasion and sideloading content. November 12, 2021
  • Introduction to Cross-Site Scripting
    ,

    Introduction to Cross-Site Scripting

     By Raxis Research Team This video covers the basics of cross-site scripting, including reflected, stored, and DOM-based XSS as well as remediation to protect against these attacks. October 29, 2021
  • Clickjacking causes user to unknowingly purchase tickets

    Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester Perspective

     By Adam Fernandez Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents less of a threat now than it once did. Adam also talks about how clickjacking differs from similar attacks. May 28, 2021