
The Exploit

Raxis Cybersecurity Insights From The Frontlines

  • OWASP Top 10 for LLM Applications
    AI | Exploits | Penetration Testing | Web Apps

    OWASP Top 10 for LLM Applications Penetration Testing

    By Jason Taylor | July 15, 2025 | November 10, 2025

    Lead Penetration Tester Jason Taylor looks at OWASP’s Top 10 list for LLM applications for penetration testing as AI and machine learning become prevalent.


  • OWASP Top 10 2021
    Penetration Testing | Web Apps

    OWASP Top 10: The Bedrock of an Application Penetration Test

    By Adam Fernandez | April 23, 2024

    When performing web app, mobile app, and API penetration tests, we refer to the OWASP Top 10. Here we’ll discuss what that means and why it’s helpful.


  • SQL Injection
    Exploits | How To | Injection Attacks

    SQLi Series: An Introduction to SQL Injection for Penetration Testing

    By Andrew Trexler | April 9, 2024 | June 16, 2025

    Raxis’ Andrew Trexler explains what SQL Injection (SQLi) is and how to perform a simple exploit against a web app login page in penetration tests.


  • Simultaneous Sessions
    Security Recommendations

    Why We Take Simultaneous Sessions Seriously on Penetration Tests

    By Raxis Research Team | April 8, 2022 | September 5, 2025

    Raxis Lead Penetration Tester Matt Dunn explains why simultaneous sessions are a significant finding on a penetration test.


  • Web App Testing: Part Two
    Web Apps

    What is Web App Pentesting? (Part Two)

    By Raxis Research Team | March 4, 2022 | August 22, 2025

    Lead penetration tester Matt Dunn continues his discussion about web application testing. In Part Two, Matt explains testing as an authenticated user vs. as an unauthenticated user.


  • Web App Testing: Part One
    Web Apps

    What is Web Application Penetration Testing?

    By Raxis Research Team | February 18, 2022 | June 3, 2025

    Learn how Raxis approaches web application testing and how it differs from network penetration testing. Lead penetration tester Matt Dunn explains in this post.


  • Computer, tablet and smart phone
    Penetration Testing | Web Apps

    What You Need to Know (But Were Afraid to Ask) about Raxis Web App Testing

    By Brad Herring | June 18, 2021 | July 28, 2025

    When testing web apps, the diverse skills Raxis brings to the table ensure that you get meaningful, actionable findings that will make your app more secure.


  • Brad Herring, Raxis VP of Business Development
    Security Recommendations

    External vs. Web App Pen Testing

    By Brad Herring | September 4, 2020 | June 3, 2025

    What’s the difference between an external pen test and a web application pen test? Raxis COO Bonnie Smyre and VP of Sales Brad Herring explain.


  • Raxis API Tool
    How To | Penetration Testing

    Raxis API Tool

    By Bonnie Smyre | May 4, 2018 | July 28, 2025

    Raxis Lead Developer, Adam Fernandez, has developed a tool to use for testing JSON-based REST APIs, and we’re sharing this tool on GitHub to help API developers test their own code during the SDLC process and to prepare for third-party API penetration tests.


  • Web Attacks: Insecure Transmission of Data
    Exploits | Web Apps

    Web Attacks: Insecure Transmission of Data

    By Bonnie Smyre | April 26, 2018 | June 3, 2025

    Raxis COO Bonnie Smyre discusses the vulnerabilities that arise when web apps transmit data insecurely and what you can do to secure your apps.


  • Web Attacks: Clickjacking
    Exploits | Web Apps

    Web Attacks: Clickjacking

    By Bonnie Smyre | April 19, 2018 | January 17, 2025

    Many of the external network and web application penetration tests that we perform list ‘clickjacking’ as a vulnerability. Here Raxis COO Bonnie Smyre explains what clickjacking is and how you can protect against it.

