Introduction to Cross-Site Scripting
This video covers the basics of cross-site scripting, including reflected, stored, and DOM-based XSS as well as remediation to protect against these attacks.
Discover the Art of Penetration Testing
The Exploit is Raxis’ cybersecurity blog where penetration testers and red team experts share real-world insights, attack techniques, and strategies to strengthen defenses against evolving threats. We feature expert advice, detailed breakdowns of exploits, and practical guidance to help organizations understand and respond to today’s most pressing security challenges.
Brian Tant, Chief Penetration Testing Officer
Brian Tant is Raxis’ Chief Technology Officer. Learn more about how he became a rock-star ethical hacker.
Bonnie Smyre, Chief Operating Officer
Often serving as the public face of Raxis, Bonnie Smyre is a veteran IT pro who found her voice on an unusual stage and brought a combination of talent to the role of chief operating officer.
OWASP Top 10: Broken Access Control
In this blog post, Raxis lead penetration tester Mark Fabian discusses broken access control and why it’s the most prevalent issue among the OWASP Top 10.
Scottie Cole, Lead Penetration Tester
From first responder to penetration tester, Scottie Cole knows how to work under pressure. Learn more about him here.
2021 OWASP Top 10 Focus: Injection Attacks for Penetration Testing
The latest draft of the OWASP Top 10 has been released. Though injection is #3, Raxis’ Matt Dun explains why that doesn’t mean the threat is any less severe.
Nagios XI Stored Cross-Site Scripting (XSS): CVE-2021-38156
Nagios is open-source network and system monitoring software. Raxis’ Matt Dunn has discovered a cross-site scripting vulnerability that could leave users open to attack.
Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags
How can cookies be used against you? And how do you keep that from happening? Raxis’ Matt Dunn explains.
Hurricane Ida: Limiting the Damage
Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read his tips for avoiding hackers and scams that can be as costly as a natural disaster.
Adam Fernandez, Lead Developer
Adam Fernandez has been a Raxis team member since 2017, an inventor since high school, and a security guy since birth. (Well, almost). Read about his amazing path to our company.
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless