AD Series: Resource Based Constrained Delegation (RBCD) Exploits
AD Series: Resource Based Constrained Delegation (RBCD)

Learn to exploit msDS-AllowedToActOnBehalfOfOtherIdentitity to gain administrative access in a Resource Based Constrained Delegation (RBCD)

AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py
AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py

Raxis lead penetration tester Andrew Trexler comes back to Active Directory Certificate Services (ADCS) exploits,[…]

Nathan Anderson Kayaking
Meet the Team: Nathan Anderson, Lead Penetration Tester

From the moment his dad brought home a decommissioned Dell Tower and Cisco router, Nathan[…]

Raxis Team Playing a Joke on Managers
Just Your Friendly Neighborhood Whitehat Hackers

Raxis’ CEO Mark Puckett ponders the recent layoffs at several large pentesting firms and shares[…]

Active Directory Certificate Services (ADCS) Misconfiguration Exploits
AD Series: Active Directory Certificate Services (ADCS) Misconfiguration Exploits

Raxis lead penetration tester Andrew Trexler walks us through several attacks on misconfigured Active Directory[…]

Broadcast Attacks - Responder
AD Series: How to Perform Broadcast Attacks Using NTLMRelayx, MiTM6 and Responder

Raxis lead penetration tester Andrew Trexler walks us through several broadcast attacks using NTLMRelayx, MiTM6,[…]

How to Create an Active Directory Test Environment
How to Create an AD Test Environment

This post will show you how to setup a simple Active Directory (AD) test environment.[…]

Exploiting GraphQL
Exploiting GraphQL

This post will show you how to take advantage of some weak spots in GraphQL.

Brice Jager
Meet the Team: Brice Jager, Lead Penetration Tester

Meet Brice Jager, a Raxis lead penetration tester, who brought a healthy dose of health[…]

You See a Wireless Mouse. We see an easy way in.
What to Expect with a Raxis Wireless Penetration Test

When Raxis conducts a penetration test on your wireless network, we’re coming with the technology,[…]

Starlink
5 Things You Should (and Shouldn’t) Take Away from the Starlink Hack

The hack of SpaceX’s Starlink shouldn’t distract security pros from the terrestrial threats that are[…]

Web App Testing: Part Two
What is Web App Pentesting? (Part Two)

Lead penetration tester Matt Dunn continues his discussion about web application testing. In Part[…]