Skip to content
Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycle™, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us
Contact Raxis Login
Raxis
Contact RaxisIcon Link to Contact Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycle™, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us

The Exploit

Raxis Cybersecurity Insights From The Frontlines

  • Starlink
    In The News

    5 Things You Should (and Shouldn’t) Take Away from the Starlink Hack

    ByScottie Cole August 16, 2022July 28, 2025

    The hack of SpaceX’s Starlink shouldn’t distract security pros from the terrestrial threats that are much more likely and far more common.

    Read More 5 Things You Should (and Shouldn’t) Take Away from the Starlink HackContinue

  • CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References
    Exploits

    CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References

    ByRaxis Research Team July 21, 2022July 28, 2025

    Raxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777).

    Read More CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object ReferencesContinue

  • CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)
    Exploits

    CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)

    ByRaxis Research Team July 6, 2022July 28, 2025

    Matt Dunn discovers another ManageEngine Cross-Site Scripting vulnerability, this one in the Support Center Plus application.

    Read More CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)Continue

  • Raxis Earns Five-Star Rating
    What People Are Saying

    Raxis Earns Five-Star Rating

    ByBrad Herring June 23, 2022July 28, 2025

    Five stars from Clutch? We got ‘em! Read the details about why our penetration testing and cybersecurity customers say we rock.

    Read More Raxis Earns Five-Star RatingContinue

  • Members of the Pensacola Catholic High School “Crubotics” team with their ROV.
    Raxis In The Community

    Raxis Supports Pensacola ROV Team

    ByRaxis Research Team June 16, 2022July 31, 2025

    Raxis is proud to sponsor the Pensacola Catholic High School “Crubotics” robotics team. Its members will compete in June 2022’s World Championships in Long Beach, California. The event is part the MATE ROV competioton

    Read More Raxis Supports Pensacola ROV TeamContinue

  • CVE-2022-25245: ManageEngine Asset Explorer Information Leakage
    Exploits

    CVE-2022-25245: ManageEngine Asset Explorer Information Leakage

    ByRaxis Research Team June 7, 2022September 5, 2025

    Raxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer CVE-2022-25245

    Read More CVE-2022-25245: ManageEngine Asset Explorer Information LeakageContinue

  • Exploiting Dirty Pipe (CVE-2022-0847)
    Exploits | How To

    Exploiting Dirty Pipe (CVE-2022-0847)

    ByAndrew Trexler May 26, 2022September 5, 2025

    The Dirty Pipe vulnerability (CVE-2022-0847) allows any user to write to read-only files, including files that are owned by root, allowing privilege escalation.

    Read More Exploiting Dirty Pipe (CVE-2022-0847)Continue

  • CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)
    Exploits

    CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)

    ByRaxis Research Team May 17, 2022July 28, 2025

    Raxis’ Matt Dunn continues his prolific discovery of new CSS CVEs. This one affects ManageEngine AD SelfService Plus Stored Cross-Site Scripting.

    Read More CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)Continue

  • Simultaneous Sessions
    Security Recommendations

    Why We Take Simultaneous Sessions Seriously on Penetration Tests

    ByRaxis Research Team April 8, 2022September 5, 2025

    Raxis Lead Penetration Tester Matt Dunn explains why you simultaneous sessions is a significant finding on a penetration test.

    Read More Why We Take Simultaneous Sessions Seriously on Penetration TestsContinue

  • Submit Button
    Exploits | How To | Injection Attacks | Web Apps

    Hackers See Opportunity Where You See Only a Button

    ByBrad Herring April 1, 2022June 3, 2025

    In this post, Raxis VP Brad Herring explains how web proxy tools can turn even simple buttons and check-boxes into avenues for an attack.

    Read More Hackers See Opportunity Where You See Only a ButtonContinue

  • Jim McClellan
    Meet Our Team

    Jim McClellan, Marketing Director

    ByRaxis Research Team March 25, 2022June 3, 2025

    Raxis’ new marketing director, Jim McClellan, talks about the unusual career path that led from consultant to full-time team member.

    Read More Jim McClellan, Marketing DirectorContinue

  • How to Hire a Penetration Testing Firm Part Two
    How To | Penetration Testing

    How to Hire a Penetration Testing Firm – Part 2

    ByBonnie Smyre March 18, 2022July 28, 2025

    Is your organization is in the market for a penetration test? Raxis’ COO Bonnie Smyre continues her two-part series on how to hire a penetration testing firm.

    Read More How to Hire a Penetration Testing Firm – Part 2Continue

Page navigation

Previous PagePrevious 1 … 6 7 8 9 10 … 20 Next PageNext

2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA

Contact us online

About Raxis

  • About Raxis
  • Careers
  • Terms and Conditions
  • Privacy Policy
  • Partners, Apply Here

Resources

  • The Exploit
  • Transporter Remote Penetration Testing
  • Penetration Test Glossary
  • What is a Penetration Test?
Facebook X Instagram Linkedin YouTube