GUIDE
Secure Your Web Apps: Practical Fixes for the Top 5 Vulnerabilities.
GUIDE
Secure Your Web Apps: Practical Fixes for the Top 5 Vulnerabilities.

Blog

Thoughts, perspectives, and industry commentary from the Cobalt team.

Pentester Diaries Ep1: Understanding Business Logic

We are excited to share the first episode of a new podcast series, Pentester Diaries.
Mar 11, 2021
Est Read Time: 22 min

Pentester Spotlight: Andreea Druga

Andreea Druga is a pentester with over six years of experience in the security arena with a master's degree in IT&C...
Mar 4, 2021
Est Read Time: 7 min

Got Cookies? Exploring Cookie Based Authentication Vulnerabilities in the Wild

Cookies are a widely used way to enable authentication in many of the applications out there. Over time, there has been...
Mar 2, 2021
Est Read Time: 6 min

A Pentester’s Guide to File Inclusion

Read the Pentester’s Guide to File Inclusion for key insights into this common vulnerability.
Feb 19, 2021
Est Read Time: 4 min

Scope Based Recon Methodology: Exploring Tactics for Smart Recon

Reconnaissance (aka Recon) is an essential process in pentesting, especially Black Box Pentesting, where you don't have...
Feb 16, 2021
Est Read Time: 10 min

Business Cost of Cybercrime

Businesses around the world have faced a lot of challenges this past year.
Feb 11, 2021
Est Read Time: 8 min

Pentester Spotlight: Jesus Arturo Espinoza Soto

How curiosity led a PHP programmer to web hacking and a collaborative pentest community of technology tinkerers. Jesus...
Feb 11, 2021
Est Read Time: 4 min

How to Communicate the Business Impact of Vulnerabilities

You’ve discovered a new vulnerability in your infrastructure. If you’re lucky, it’s something you can handle without...
Feb 8, 2021
Est Read Time: 3 min

A Pentester’s Guide to WebSocket Pentesting

What is WebSocket Hijacking? As OWASP states, the HTTP protocol only allows one request/response per TCP connection....
Feb 5, 2021
Est Read Time: 4 min

    Always get the latest

    Sign up to get Cobalt insights delivered right to your inbox so you never miss a story.

    More resources

    Learn pentesting best practices, read answers to our most common questions
    and get our technical docs.