The Exploit

Notes from the Front Lines of Penetration Testing

Category: Penetration Testing

Discover expert-led penetration testing insights, real-world attack simulations, and best practices to uncover vulnerabilities and strengthen your security.

Password Series: 8 Practical First Steps to Crack Difficult Passwords in Penetration Tests

By

Ryan Chaplin

From rulesets & hardware to wordlists and mask attacks, Lead Penetration Tester Ryan Chaplin shows how to crack difficult password hashes in penetration tests.

Read More
Tips for Scoping Your Penetration Test

By

Brad Herring

Scoping your penetration test (especially your first one) can be daunting. Our team is always happy to help, and Brad Herring gives you a head start here.

Read More
Cool Tools Series: How Vim Powers Penetration Testing

By

Andrew Trexler

Principal Penetration Tester, Andrew Trexler, dives into Vim, a powerful command line tool for text files, and shows useful commands for penetration testing.

Read More
Accepting Penetration Test Risks & How Compensating Controls Can Help

By

Tim Semchenko

Tim Semchenko discusses documenting acceptance of risks and implementing compensating controls as options when pentest findings cannot be fixed immediately.

Read More
Cool Tools Series: Masscan for Penetration Testing

By

Andrew Trexler

Continuing our Cool Tools Series, Lead Penetration Tester Andrew Trexler shows how to use masscan for discovery scanning on large networks in penetration tests.

Read More
Password Series: Defeating Emerging Password Security Trends with Psudohash for Penetration Testing

By

Ryan Chaplin

Lead Pentester Ryan Chaplin discusses emerging improvements in password security and how Psudohash can help bypass them on penetration tests.

Read More
Why Raxis Attack PTaaS is a Huge Win for Organizations

By

Caroline Kelly

With the recent launch of Raxis Attack, a powerful PTaaS service, Caroline Kelly is excited to share how it can help organizations of all sizes stay secure.

Read More
Cool Tools Series: How MSFvenom Powers Penetration Testing

By

Nathan Anderson

Nathan Anderson intros MSFvenom, a Metasploit tool that generates & encodes payloads to obtain reverse shells & gain network access for penetration testing.

Read More
Penetration Testing Pricing: How Much is Too Little or Too Much?

By

Brad Herring

How much should a penetration tests cost? From scans to pentests and PTaaS, Brad Herring explains how to make sure you get what you pay for — and what you need.

Read More
Cool Tools Series: Nuclei for Penetration Tests

By

Andrew Trexler

Raxis’ Andrew Trexler shows how useful Nuclei is for network and application penetration tests, discovering vulnerabilities such as default passwords and more.

Read More
Raxis: Your Trusted Partner in Penetration Testing

By

Cole Stafford

I’m Cole Stafford, a Sales Development Representative at Raxis. I help with customer relations, building the contracts, and making sure everything gets out in a timely order. I’m proud to be a part of the Raxis team and share a few of the reasons why below. At Raxis, we redefine the penetration test experience by […]

Read More
Cool Tools Series: NMAP for Penetration Tests

By

Adam Fernandez

Raxis’ lead developer, Adam Fernandez, adds to our Cool Tools Series with a focus on Nmap: discovering live hosts that appear to be down and useful NSE scripts.

Read More