Raxis Blog Posts by Category
-
What to Expect with a Raxis Wireless Penetration Test
Wireless attacks are typically low-risk, high-reward opportunities that don’t often require direct interaction. See more about a wireless penetration test.
-
Why We Take Simultaneous Sessions Seriously on Penetration Tests
Raxis Lead Penetration Tester Matt Dunn explains why simultaneous sessions is a significant finding on a penetration test.
-
CIS vs. NIST: Understanding Cybersecurity Standards and Frameworks
The CIS 18 and NIST 800-53 are important gap analysis tools security professionals use to assess cyber defenses. Learn more about them from Raxis’ CTO Brian Tant.
-
Chained Attacks and How a Scan Can Leave You Vulnerable
Vulnerability scans are useful tools for protecting your network. Find out why you shouldn’t rely on them exclusively.
-
New Metasploit Module for Penetration Testing: Azure AD Login Scanner
Raxis’ Matt Dunn has published another Metasploit module, this one describing a vulnerability in Azure’s Active Directory Seamless Single Sign-on. Learn more here.
-
Introduction to Cross-Site Scripting
This video covers the basics of cross-site scripting, including reflected, stored, and DOM-based XSS as well as remediation to protect against these attacks.
-
Nagios XI Stored Cross-Site Scripting (XSS): CVE-2021-38156
Nagios is open-source network and system monitoring software. Raxis’ Matt Dunn has discovered a cross-site scripting vulnerability that could leave users open to attack.
-
Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags
How can cookies be used against you? And how do you keep that from happening? Raxis’ Matt Dunn explains.
-
Hurricane Ida: Limiting the Damage
Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read his tips for avoiding hackers and scams that can be as costly as a natural disaster.
-
PRTG Network Monitor Stored Cross-Site Scripting Vulnerability (CVE-2021-29643)
Raxis lead penetration tester Matt Dunn uncovers a new vulnerability in the PRTG Network Monitor (CVE-2021-29643). Read more here.
-
Don’t Take the Smishbait
Unwanted text messages are annoying, but some also hide malicious links. Here are some ways to avoid being “smished.”
-
ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability (CVE-2021-31813)
Raxis’ lead penetration tester Matt Dunn has discovered another ManageEngine cross-site scripting (XSS) vulnerability, this time in the Applications Manager product (CVE-2021-31813).
Categories
- Careers
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet The Team
- Mobile Apps
- Networks
- Password Cracking
- Penetration Testing
- Phishing
- PTaaS
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Unsupported Software Unpatched Systems
- Web Apps
- What People Are Saying
- Wireless