REPORT
AI & Pentesting Pulse 2026: The 6 things elite security teams do differently to close the risk gap
GET REPORT
REPORT
AI & Pentesting Pulse 2026: The 6 things elite security teams do differently to close the risk gap
GET REPORT

Cobalt Core (8)

See all content

Introduction to LDAP Injection Attack

February 13, 2023
Est Read Time: 7 min
LDAP (Lightweight Directory Access Protocol) is a protocol for accessing and managing directory services over a network. LDAP injection is a type of attack that targets vulnerabilities in implementations of the LDAP. Core Pentester Harsh Bothra shows us how an attacker does this injection and how to protect against it.
Read more
Cobalt Core Vulnerabilities

Cybersecurity Certifications, how much do they really matter?

February 1, 2023
Est Read Time: 5 min
Cybersecurity certifications can benefit individuals with 1-4 years of experience when looking for new job opportunities. Certifications alone don't necessarily make someone a good pentester and should be considered in conjunction with professional experience.
Read more
Cobalt Core
Pentester Insights: Deep Dive in Web Cache Poisoning Attacks

Hacking Web Cache - Deep Dive in Web Cache Poisoning Attacks

January 31, 2023
Est Read Time: 9 min
Web cache poisoning is an attack where an attacker takes advantage of flaws in the caching mechanism. They attempt to store an altered and malicious response in the cache entry, forcing the website to serve malicious information to its users.  Core Pentester Harsh Bothra deep dives into these attacks and remediations.
Read more
Cobalt Core Web Application Pentesting Vulnerabilities

Then & Now: Harsh Bothra

January 19, 2023
Est Read Time: 3 min
Core Pentester Harsh Bothra joined Cobalt a little over two years ago. Since then, he has become a Pentest Lead and worked on endless engagements. He takes this time to reflect on how things have changed since his first test.
Read more
Cobalt Core

A Dive into Client-Side Desync Attacks

January 16, 2023
Est Read Time: 7 min
A client-side desync, a.k.a CSD, is an attack in which the victim's web browser is tricked into desynchronizing its connection to the vulnerable website. Core Pentester Harsh Bothra takes a look at how attackers can find these vulnerabilities in the wild.
Read more
Cobalt Core Vulnerabilities

2023 Q1 Pentester of the Quarter: Sanyam Chawla

January 6, 2023
Est Read Time: 3 min
Congratulations to Sanyam Chawla for winning the Pentester of the Quarter Award for Q1. Sanyam was nominated by his peers due to being a great teammate and leader in the Core.
Read more
Cobalt Core
A Pentester's Guide to Prototype Solution Attacks

A Pentester’s Guide to Prototype Pollution Attacks

January 2, 2023
Est Read Time: 8 min
Core Pentester Harsh Bothra guides us through prototype pollution attacks in his latest blog. This covers a security vulnerability that allows attackers to exploit JavaScript runtimes.
Read more
Cobalt Core Vulnerabilities

2022 Pentester Spotlight Recaps

December 30, 2022
Est Read Time: 3 min
With 2023 just around the corner, we wanted to reflect on our Pentester Spotlights from this year. Our Pentester Spotlight series is focused on highlighting the Cobalt Core Pentesters and putting a face to their work
Read more
Cobalt Core
Pentester Spotlight: Saad Nasir

Pentester Spotlight: Saad Nasir

December 28, 2022
Est Read Time: 3 min
Saad Nasir has been a member of the Cobalt Core for a little over six months. He has contributed to Cobalt's content pieces and was recently featured on the Hacker Corner podcast.
Read more
Cobalt Core
    6 7 8 9 10
    RSS
    Cobalt_homepage_cta_image@2x-1