You See a Wireless Mouse. We see an easy way in.
What to Expect with a Raxis Wireless Penetration Test

When Raxis conducts a penetration test on your wireless network, we’re coming with the technology,[…]

Simultaneous Sessions
Why We Take Simultaneous Sessions Seriously

Raxis Lead Penetration Tester Matt Dunn explains why you simultaneous sessions is a significant finding[…]

CIS vs. NIST
CIS vs. NIST: Understanding Cybersecurity Standards and Frameworks

The CIS 18 and NIST 800-53 are important gap analysis tools security professionals use to[…]

Why they're not the same: Vulnerability Scans and Pentests
Chained Attacks and How a Scan Can Leave You Vulnerable

Vulnerability scans are useful tools for protecting your network. Find out why you shouldn’t rely[…]

Metasploit Module: Azure AD Login Scanner
New Metasploit Module: Azure AD Login Scanner

Raxis’ Matt Dunn has published another Metasploit module, this one describing a vulnerability in Azure’s[…]

Introduction to Cross-Site Scripting
Introduction to Cross-Site Scripting

Raxis lead penetration tester Matt Dunn explains cross-site scripting and how it can be used[…]

Nagios XI Stored Cross-Site Scripting (XSS): CVE-2021-38156
Nagios XI Stored Cross-Site Scripting (XSS): CVE-2021-38156

Nagios is open-source network and system monitoring software. Raxis’ Matt Dunn has discovered a cross-site[…]

Cookie Jar
Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags

How can cookies be used against you? And how do you keep that from happening?[…]

Scottie in 2004 on Navarre Beach in the wake of the Hurricane Ivan
Hurricane Ida: Limiting the Damage

Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read[…]

PRTG Network Monitor Stored Cross-Site Scripting Vulnerability (CVE-2021-29643)
PRTG Network Monitor Stored Cross-Site Scripting Vulnerability (CVE-2021-29643)

Raxis lead penetration tester Matt Dunn uncovers a new vulnerability in the PRTG Network Monitor[…]

Screaming person with smartphone
Don’t Take the Smishbait

Unwanted text messages are annoying, but some also hide malicious links. Here are some ways[…]

JavaScript Execution to Display User's Cookie in an Alert Box
ManageEngine Applications Manager Stored Cross-Site Scripting Vulnerability (CVE-2021-31813)

Raxis’ lead penetration tester Matt Dunn has discovered another ManangeEngine cross-site scripting (XSS) vulnerability, this[…]

1 2 3 5