Windows Kills Common Offline/Account-less Install Method
Microsoft Windows recently announced the removal of local-only installs on Windows 11. Raxis’ Ryan Chaplin looks at concerns and possible options.
Discover the Art of Penetration Testing
The Exploit is Raxisโ cybersecurity blog where penetration testers and red team experts share real-world insights, attack techniques, and strategies to strengthen defenses against evolving threats. We feature expert advice, detailed breakdowns of exploits, and practical guidance to help organizations understand and respond to todayโs most pressing security challenges.
Salesforce Compromise: What You Need to Know
The FBI has released information to help organizations that are affected by recent attacks against Salesforce. Raxis’ Jason Taylor sums up next steps here.
SpamGPT: Protecting Your Company From Large-Scale Phishing
SpamGPT, a complex phishing and social engineering suite has made the news recently. Learn what it is and how organizations can protect their employees.
Cool Tools Series: Kerbrute
Raxis Principal Penetration Tester Andrew Trexler walks through the many uses of Kerbrute from user enumeration to brute-forcing and password spraying.
Microsoft Copilot Coming Soon to a Desktop Near You
With Microsoft automatically installing Copilot on Windows systems with Microsoft 365 desktop apps installed, organizations will want to set up AI policies.
Lateral Movement: From Beachhead to Breach
Raxis Senior Penetration Tester Nate Jernigan discusses lateral movement in penetration testing and the methods and tools he uses when performing these attacks.
Lessons from the DaVita Healthcare Ransomware Attack
The DaVita ransomware attack is one of the most impactful recent healthcare breaches. Learn what happened and what could have been done to limit the impact.
HTTP/1.1 Security News: What You Can Do Now
A recent Portswigger white paper on HTTP/1.1 highlights critical security issues. If you use old products that still require it, here’s what you can do.
Dev’s Fast Reporting of Phish Reduced Impact on Blockchain Malware Attacks
A recent successful phish allowed attackers to run malware targeting cryptocurrency transactions on various blockchains, but fast reporting limited the damage.
Cool Tools Series: Croc for Secure Data Exfiltration
Lead Penetration Tester Nathan Anderson provides tips on using croc for secure data exfiltration just like he does on red team engagements.
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless