OWASP Top 10 for LLM Applications Penetration Testing
Lead Penetration Tester Jason Taylor looks at OWASP’s Top 10 list for LLM applications for penetration testing as AI machine learning becomes prevalent.
-
-
OWASP Top 10: The Bedrock of an Application Penetration Test
When performing web app, mobile app, and API penetration tests, we refer to the OWASP Top 10. Here we’ll discuss what that means and why it’s helpful.
-
SQLi Series: An Introduction to SQL Injection for Penetration Testing
Raxis’ Andrew Trexler explains what SQL Injection (SQLi) is and how to perform a simple exploit against a web app login page in penetration tests.
-
Why We Take Simultaneous Sessions Seriously on Penetration Tests
Raxis Lead Penetration Tester Matt Dunn explains why you simultaneous sessions is a significant finding on a penetration test.
-
What is Web App Pentesting? (Part Two)
Lead penetration tester Matt Dunn continues his discussion about web application testing. In Part Two, Matt explains testing as an authenticated user vs. as an unauthenticated user.
-
What is Web Application Penetration Testing?
Learn how Raxis approaches web application testing and how it differs from network penetration testing. Lead penetration tester Matt Dunn explains in this post.
-
What You Need to Know (But Were Afraid to Ask) about Raxis Web App Testing
When testing web apps, the diverse skills Raxis brings to the table ensure that you get meaningful, actionable findings that will make your app more secure.
-
External vs. Web App Pen Testing
What’s the difference between an external pen test and a web application pen test? Raxis COO Bonnie Smyre and VP of Sales Brad Herring explain.
-
Raxis API Tool
Raxis Lead Developer, Adam Fernandez, has developed a tool to use for testing JSON-based REST APIs, and we’re sharing this tool on GitHub to help API developers test their own code during the SDLC process and to prepare for third-party API penetration tests.
-
Web Attacks: Insecure Transmission of Data
Raxis COO Bonnie Smyre discusses the vulnerabilities that arise when web apps transmit data insecurely and what you can do to secure your apps.
-
Web Attacks: Clickjacking
Many of the external network and web application penetration tests that we perform list ‘clickjacking’ as a vulnerability. Here Raxis COO Bonnie Smyre explains what clickjacking is and how you can protect against it.
