Andrew Trexler, Senior Penetration Tester
Senior penetration tester Andrew Trexler has a penchant for breaking in and blowing up. Read on to find out why both are good things.
-
-
New Metasploit Module for Penetration Testing: Azure AD Login Scanner
Raxis’ Matt Dunn has published another Metasploit module, this one describing a vulnerability in Azure’s Active Directory Seamless Single Sign-on. Learn more here.
-
Mark Puckett, CEO
How did Raxis come to be? From security team lead to penetration tester to CEO, learn how Raxis’ founder and CEO Mark Puckett brought his dream to life.
-
Cross-Site Scripting (XSS): Filter Evasion and Sideloading
In this second in a series, learn how to perform Cross-Site Scripting (XSS) attacks such as filter evasion and sideloading content.
-
Brad Herring, VP of Business Development
Brad Herring is the Raxis VP of Business Development — the first person most of our customers meet. Find out how he got here and why he loves his job.
-
Introduction to Cross-Site Scripting
This video covers the basics of cross-site scripting, including reflected, stored, and DOM-based XSS as well as remediation to protect against these attacks.
-
Brian Tant, Chief Penetration Testing Officer
Brian Tant is Raxis’ Chief Technology Officer. Learn more about how he became a rock-star ethical hacker.
-
Bonnie Smyre, Chief Operating Officer
Often serving as the public face of Raxis, Bonnie Smyre is a veteran IT pro who found her voice on an unusual stage and brought a combination of talent to the role of chief operating officer.
-
OWASP Top 10: Broken Access Control
In this blog post, Raxis lead penetration tester Mark Fabian discusses broken access control and why it’s the most prevalent issue among the OWASP Top 10.
-
Scottie Cole, Lead Penetration Tester
From first responder to penetration tester, Scottie Cole knows how to work under pressure. Learn more about him here.
-
2021 OWASP Top 10 Focus: Injection Attacks for Penetration Testing
The latest draft of the OWASP Top 10 has been released. Though injection is #3, Raxis’ Matt Dun explains why that doesn’t mean the threat is any less severe.
-
Nagios XI Stored Cross-Site Scripting (XSS): CVE-2021-38156
Nagios is open-source network and system monitoring software. Raxis’ Matt Dunn has discovered a cross-site scripting vulnerability that could leave users open to attack.
