GUIDE
Secure Your Web Apps: Practical Fixes for the Top 5 Vulnerabilities.
GUIDE
Secure Your Web Apps: Practical Fixes for the Top 5 Vulnerabilities.

Blog

Thoughts, perspectives, and industry commentary from the Cobalt team.

Pentester Spotlight: Jesus Arturo Espinoza Soto

How curiosity led a PHP programmer to web hacking and a collaborative pentest community of technology tinkerers. Jesus...
Feb 11, 2021
Est Read Time: 4 min

How to Communicate the Business Impact of Vulnerabilities

You’ve discovered a new vulnerability in your infrastructure. If you’re lucky, it’s something you can handle without...
Feb 8, 2021
Est Read Time: 3 min

A Pentester’s Guide to WebSocket Pentesting

What is WebSocket Hijacking? As OWASP states, the HTTP protocol only allows one request/response per TCP connection....
Feb 5, 2021
Est Read Time: 4 min

Prevent Whaling Phishing Attacks with Cybersecurity Awareness

Although whale phishing isn’t anything new and existed since the early 90s, the FBI reports an increase in cyberattacks...
Jan 29, 2021
Est Read Time: 5 min

Bypassing the Protections — MFA Bypass Techniques for the Win

Multi-Factor Authentication (MFA) often known as Two-Factor Authentication (2FA) is an added layer of protection added...
Jan 27, 2021
Est Read Time: 6 min

A Pentester’s Guide to Code Injection

Learn about code injection vulnerabilities with the Pentester’s Guide to Code Injection.
Jan 8, 2021
Est Read Time: 3 min

Top Ten Famous Hackers

*This article was refreshed in January 2023. The top hackers in the world come from different backgrounds and...
Jan 5, 2021
Est Read Time: 10 min

Exploring Valuable Pentester Traits: Top Cobalt Core Pentesters of 2020

Each year we survey the Cobalt Core, our pentester community, to hear who they enjoyed working with the most. We like...
Dec 30, 2020
Est Read Time: 3 min

A Pentester's Guide to Server Side Template Injection (SSTI)

Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands on the server-side.
Dec 24, 2020
Est Read Time: 3 min

    Always get the latest

    Sign up to get Cobalt insights delivered right to your inbox so you never miss a story.

    More resources

    Learn pentesting best practices, read answers to our most common questions
    and get our technical docs.