The Exploit Blog | Penetration Testing & Cybersecurity Insights by Raxis

Discover the Art of Penetration Testing

The Exploit is Raxis’ cybersecurity blog where penetration testers and red team experts share real-world insights, attack techniques, and strategies to strengthen defenses against evolving threats. We feature expert advice, detailed breakdowns of exploits, and practical guidance to help organizations understand and respond to today’s most pressing security challenges.

Meet Our Team

Cool Tools Series: Kerbrute

By Andrew Trexler

Posted in Exploits, Networks, Penetration Testing, Red Team

Raxis Principal Penetration Tester Andrew Trexler walks through the many uses of Kerbrute from user enumeration to brute-forcing and password spraying.

Microsoft Copilot Coming Soon to a Desktop Near You

By Jason Taylor

Posted in In The News, Security Recommendations

With Microsoft automatically installing Copilot on Windows systems with Microsoft 365 desktop apps installed, organizations will want to set up AI policies.

Lateral Movement: From Beachhead to Breach

By Nate Jernigan

Posted in Exploits, How To, Networks, Penetration Testing, Security Recommendations

Raxis Senior Penetration Tester Nate Jernigan discusses lateral movement in penetration testing and the methods and tools he uses when performing these attacks.

Lessons from the DaVita Healthcare Ransomware Attack

By Brian Tant

Posted in In The News, Networks, Penetration Testing, Security Recommendations,

The DaVita ransomware attack is one of the most impactful recent healthcare breaches. Learn what happened and what could have been done to limit the impact.

HTTP/1.1 Security News: What You Can Do Now

By Jason Taylor

Posted in In The News, Web Apps

A recent Portswigger white paper on HTTP/1.1 highlights critical security issues. If you use old products that still require it, here’s what you can do.

Dev’s Fast Reporting of Phish Reduced Impact on Blockchain Malware Attacks

By Andrew Trexler

Posted in In The News, Phishing

A recent successful phish allowed attackers to run malware targeting cryptocurrency transactions on various blockchains, but fast reporting limited the damage.

Cool Tools Series: Croc for Secure Data Exfiltration

By Nathan Anderson

Posted in How To, Networks

Lead Penetration Tester Nathan Anderson provides tips on using croc for secure data exfiltration just like he does on red team engagements.

Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios

By Ryan Chaplin

Posted in Exploits, Penetration Testing, Security Recommendations, Web Apps

Lead Penetration Tester Ryan Chaplin walks us through 5 real-world attack scenarios used in real-world penetration tests by Raxis.

Specialized Services: The Answer to Your Custom Cybersecurity Needs

By Caroline Kelly

Posted in Penetration Testing

We love to hear that our cybersecurity services have been useful to our customers. See how a specialized device test was just that and how we can help you too.

Raxis Announces New Outbound Sales Roles in Atlanta

By Brad Herring

Posted in Careers

Self-motivated, organized and enjoy listening to potential customers to help them scope penetration tests? Raxis is looking for outbound sales reps.

Raxis Cybersecurity Insights From The Frontlines