Skip to content
Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycle™, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us
Contact Raxis Login
Raxis
Contact RaxisIcon Link to Contact Raxis
  • Home
  • Services
      Core Services
    • Raxis Red Team
    • AI Augmented Penetration Testing
    • Penetration Testing as a Service (PTaaS)
    • Elite Cybersecurity Services
    • Raxis listed as a Sample Vendor for Penetration Testing as a Service in two Gartner® Hype Cycle™, 2024 reports
      • Penetration Testing
    • Penetration Testing Services
    • Web Application Penetration Testing
    • API Security
    • Salesforce Applications
    • Internal Networks, Cloud, and VPC
    • External Networks and Internet
    • Wireless Networks
    • Mobile Applications
      • CyberSecurity Services
    • Compliance: PCI, HIPAA, GLBA, and more
    • Attack Surface Management
    • Breach and Attack Simulation
    • Cybersecurity Code Review
    • Cybersecurity Red Team
    • Phishing and Spear Phishing
    • Social Engineering
  • Industries
      Critical Infrastructure
    • Energy
    • Communications
    • Transportation
    • Water
      • Compliance Driven
    • Credit Card Industry (PCI)
    • Education
    • Finance and Banking
    • GLBA Safeguards Rule
    • Government Agencies
    • Healthcare (HIPAA)
    • Manufacturing
    • SOC 2
      • Technology
    • Technology and Software Development
    • Blockchain and Cryptocurrency
    • Media and Entertainment
    • Social Media
  • Resources
      Company Information
    • About Raxis
    • Careers
    • Meet Our Team
    • Signup for Raxis News
      • Resources
    • The Exploit Blog
    • Become a Raxis Partner
    • Certifications
    • Raxis One
    • Transporter Remote Pentesting
      • About Ethical Hacking
    • An Inside Look at a Raxis Red Team
    • Red, Blue, and Purple Teams
    • Penetration Test Glossary
    • What is a Penetration Test?
    • What is Web Application Penetration Testing?
  • The Exploit Blog
  • About Us

The Exploit

Raxis Cybersecurity Insights From The Frontlines

  • Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios
    Exploits | Penetration Testing | Security Recommendations | Web Apps

    Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios

    ByRyan Chaplin August 26, 2025July 11, 2025

    Lead Penetration Tester Ryan Chaplin walks us through 5 real-world attack scenarios used in real-world penetration tests by Raxis.

    Read More Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack ScenariosContinue

  • Cybersecurity: It’s how to say “Yes.”
    Security Recommendations | Tips For Everyone

    Cybersecurity: It’s how to say “Yes.”

    ByMark Puckett December 31, 2024

    Contrary to common misconceptions, cybersecurity acts as a powerful enabler in the digital age, fostering innovation, driving business growth, and empowering organizations to harness technology’s full potential. By building trust, accelerating innovation, enabling emerging technologies, enhancing efficiency, ensuring compliance, supporting remote work, and protecting intellectual property, robust cybersecurity measures create a secure foundation for organizations to thrive and innovate in an increasingly interconnected world.

    Read More Cybersecurity: It’s how to say “Yes.”Continue

  • Accepting Penetration Test Risks & How Compensating Controls Can Help
    Penetration Testing | Security Recommendations

    Accepting Penetration Test Risks & How Compensating Controls Can Help

    ByTim Semchenko December 17, 2024

    Tim Semchenko discusses documenting acceptance of risks and implementing compensating controls as options when pentest findings cannot be fixed immediately.

    Read More Accepting Penetration Test Risks & How Compensating Controls Can HelpContinue

  • Cool Tools Series: NMAP for Penetration Tests
    How To | Networks | Penetration Testing

    Cool Tools Series: NMAP for Penetration Tests

    ByAdam Fernandez July 30, 2024

    Raxis’ lead developer, Adam Fernandez, adds to our Cool Tools Series with a focus on Nmap: discovering live hosts that appear to be down and useful NSE scripts.

    Read More Cool Tools Series: NMAP for Penetration TestsContinue

  • Cyber Warfare
    In The News

    Cyber Civil Defense: We Can All Fight the Russians

    ByBonnie Smyre February 28, 2022June 3, 2025

    If you’re outraged over the invasion of Ukraine, there are some things you can do that will actually help make it harder for the Russian government to expand its hostilities.

    Read More Cyber Civil Defense: We Can All Fight the RussiansContinue

  • Why they're not the same: Vulnerability Scans and Pentests
    Security Recommendations

    Chained Attacks and How a Scan Can Leave You Vulnerable

    ByTim Semchenko December 10, 2021June 3, 2025

    Vulnerability scans are useful tools for protecting your network. Find out why you shouldn’t rely on them exclusively.

    Read More Chained Attacks and How a Scan Can Leave You VulnerableContinue

  • Cookie Jar
    Security Recommendations

    Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags

    ByRaxis Research Team September 3, 2021June 3, 2025

    How can cookies be used against you? And how do you keep that from happening? Raxis’ Matt Dunn explains.

    Read More Keep Your Cookies in the Cookie Jar: HttpOnly and Secure FlagsContinue

  • Scottie in 2004 on Navarre Beach in the wake of the Hurricane Ivan
    Security Recommendations

    Hurricane Ida: Limiting the Damage

    ByScottie Cole September 1, 2021

    Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read his tips for avoiding hackers and scams that can be as costly as a natural disaster.

    Read More Hurricane Ida: Limiting the DamageContinue

  • Screaming person with smartphone
    Security Recommendations

    Don’t Take the Smishbait

    ByBonnie Smyre July 30, 2021August 22, 2025

    Unwanted text messages are annoying, but some also hide malicious links. Here are some ways to avoid being “smished.”

    Read More Don’t Take the SmishbaitContinue

  • Passwords on Post-It notes
    Just For Fun

    12 New Cyber Terms the World Needs Now

    ByBonnie Smyre July 23, 2021June 3, 2025

    The cybersecurity profession has its own lingo. As experts in the field, the Raxis team felt compelled to add a few we thought were missing.

    Read More 12 New Cyber Terms the World Needs NowContinue

  • Clickjacking causes user to unknowingly purchase tickets
    How To

    Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester Perspective

    ByAdam Fernandez May 28, 2021June 16, 2025

    Raxis’ Lead Developer Adam Fernandez discusses clickjacking, explaining what it is and why it represents less of a threat now than it once did. Adam also talks about how clickjacking differs from similar attacks.

    Read More Realistically Assessing the Threat of Clickjacking Today: A Penetration Tester PerspectiveContinue

  • Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
    Exploits

    Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)

    ByRaxis Research Team May 20, 2021July 26, 2025

    Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage Engine AD Self Service Plus (CVE-2021-27956). Find out more here.

    Read More Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)Continue

Page navigation

1 2 3 4 Next PageNext

2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA

Contact us online

About Raxis

  • About Raxis
  • Careers
  • Terms and Conditions
  • Privacy Policy
  • Partners, Apply Here

Resources

  • The Exploit
  • Transporter Remote Penetration Testing
  • Penetration Test Glossary
  • What is a Penetration Test?
Facebook X Instagram Linkedin YouTube