The Exploit

Notes from the Front Lines of Penetration Testing

Category: Web Apps

Strengthen your web applications with tutorials and tips from the Raxis penetration testing team. Find insights to uncover and fix vulnerabilities.

Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios

By

Ryan Chaplin

Lead Penetration Tester Ryan Chaplin walks us through 5 real-world attack scenarios used in real-world penetration tests by Raxis.

Read More
OWASP Top 10 for LLM Applications Penetration Testing

By

Jason Taylor

Lead Penetration Tester Jason Taylor looks at OWASP’s Top 10 list for LLM applications for penetration testing as AI machine learning becomes prevalent.

Read More
OWASP Top 10: The Bedrock of an Application Penetration Test

By

Adam Fernandez

When performing web app, mobile app, and API penetration tests, we refer to the OWASP Top 10. Here we’ll discuss what that means and why it’s helpful.

Read More
Hackers See Opportunity Where You See Only a Button

By

Brad Herring

In this post, Raxis VP Brad Herring explains how web proxy tools can turn even simple buttons and check-boxes into avenues for an attack.

Read More
What is Web App Pentesting? (Part Two)

By

Raxis Administrator

Lead penetration tester Matt Dunn continues his discussion about web application testing. In Part Two, Matt explains testing as an authenticated user vs. as an unauthenticated user.

Read More
What is Web Application Penetration Testing?

By

Raxis Administrator

Learn how Raxis approaches web application testing and how it differs from network penetration testing. Lead penetration tester Matt Dunn explains in this post.

Read More
What You Need to Know (But Were Afraid to Ask) about Raxis Web App Testing

By

Brad Herring

When testing web apps, the diverse skills Raxis brings to the table ensure that you get meaningful, actionable findings that will make your app more secure.

Read More
Web Attacks: Insecure Transmission of Data

By

Bonnie Smyre

Raxis COO Bonnie Smyre discusses the vulnerabilities that arise when web apps transmit data insecurely and what you can do to secure your apps.

Read More
Web Attacks: Clickjacking

By

Bonnie Smyre

Many of the external network and web application penetration tests that we perform list ‘clickjacking’ as a vulnerability. Here Raxis COO Bonnie Smyre explains what clickjacking is and how you can protect against it.

Read More