Ryan Chaplin, Lead Penetration Tester
Ryan Chaplin, lead penetration tester, has loved tech since he was a kid growing up in Larry Bird’s hometown. Hear a few of his fun stories here!
Discover the Art of Penetration Testing
The Exploit is Raxisโ cybersecurity blog where penetration testers and red team experts share real-world insights, attack techniques, and strategies to strengthen defenses against evolving threats. We feature expert advice, detailed breakdowns of exploits, and practical guidance to help organizations understand and respond to todayโs most pressing security challenges.
Password Length: More than Just a Question of Compliance
Password length requirements are a key part of password security, but, with PCI, NIST, OWASP, and CIS offering different recommendations, what length is best?
Raxis’ Brian Tant Featured on Fox 5 Atlanta
Our very own Chief Penetration Testing Officer, Brian Tant, was interviewed by Dana Fowle and the I-Team at Fox 5 Atlanta regarding the AT&T breach.
SOC 2 Compliance: Is it Right for Your Organization?
SOC 2 is a compliance and privacy standard that outlines how to manage customer data & related systems to ensure confidentiality, integrity, and availability.
Raxis Achieves SOC 2 Type 2 Compliance
We are thrilled to announce that Raxis has successfully achieved SOC 2 Type 2 compliance, providing assurance to our clients that their data is handled securely
SQLi Series: SQL Timing Attacks for Penetration Testing
Andrew Trexler’s SQLi Series is back, demonstrating SQL Timing Attacks using MySQL’s sleep function in Blind SQL Injection attacks for penetration testing.
OWASP Top 10: The Bedrock of an Application Penetration Test
When performing web app, mobile app, and API penetration tests, we refer to the OWASP Top 10. Here we’ll discuss what that means and why it’s helpful.
SQLi Series: An Introduction to SQL Injection for Penetration Testing
Raxis’ Andrew Trexler explains what SQL Injection (SQLi) is and how to perform a simple exploit against a web app login page in penetration tests.
Red Teams, Blue Teams, and Purple Teams, Oh My!
Red Teams, Blue Teams, and Purple Teams are cybersecurity terms describing different approaches to testing & improving security measures within an organization.
AD Series: Resource Based Constrained Delegation (RBCD) for Penetration Testing
Exploit msDS-AllowedToActOnBehalfOfOtherIdentitity to gain administrative access in a Resource Based Constrained Delegation (RBCD) attack on penetration tests.
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless