Accepting Penetration Test Risks & How Compensating Controls Can Help
Accepting Penetration Test Risks & How Compensating Controls Can Help

Tim Semchenko discusses documenting acceptance of risks and implementing compensating controls as options when pentest[…]

Cool Tools Series: NMAP for Penetration Tests
Cool Tools Series: NMAP for Penetration Tests

Raxis’ lead developer, Adam Fernandez, adds to our Cool Tools Series with a focus on[…]

Cyber Warfare
Cyber Civil Defense: We Can All Fight the Russians

If you’re outraged over the invasion of Ukraine, there are some things you can do[…]

Why they're not the same: Vulnerability Scans and Pentests
Chained Attacks and How a Scan Can Leave You Vulnerable

Vulnerability scans are useful tools for protecting your network. Find out why you shouldn’t rely[…]

Cookie Jar
Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags

How can cookies be used against you? And how do you keep that from happening?[…]

Scottie in 2004 on Navarre Beach in the wake of the Hurricane Ivan
Hurricane Ida: Limiting the Damage

Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read[…]

Screaming person with smartphone
Don’t Take the Smishbait

Unwanted text messages are annoying, but some also hide malicious links. Here are some ways[…]

Passwords on Post-It notes
12 New Cyber Terms the World Needs Now

The cybersecurity profession has its own lingo. As experts in the field, the Raxis team[…]

Clickjacking causes user to unknowingly purchase tickets
Realistically Assessing the Threat of Clickjacking Today

Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents[…]

Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)

Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage[…]

Go Phish
Phish Like the Pros

Phish attacks are a significant threat to all organizations. In this video Raxis’ Scottie Cole[…]

LDAP Passback
LDAP Passback and Why We Harp on Passwords

LDAP passback exploits are easy when companies fail to change default passwords on network devices[…]