Event
Join cybersecurity experts from Slack, Riot Games, EY and more at our upcoming roadshow. 

Community

Web Socket Vulnerabilites

WebSockets are an exciting technology that has been gaining traction in the industry. Many companies are using the technology, especially in their real-time services
Sep 27, 2022
Est Read Time: 8 min

Pentester Diaries: Full-time Freelance Pentesting

This episode of Pentester Diaries is about the benefits of being a full-time freelance pentester. I sat down with Core Pentesters Harsh Bothra and Parveen Yadav to talk about their daily lives and how they manage to be a full-time freelancer.
Sep 14, 2022
Est Read Time: 2 min

Is your wifi connection secure? How attackers take advantage of public WIFI

Do you connect to public wifi networks when you are out? You might be putting yourself and your data at risk. Core Pentester Orhan Yildirim shares how attackers take advantage of these public networks.
Sep 6, 2022
Est Read Time: 5 min

Kentucky's Newest Con: Hack Red Con

Cobalt will be at Hack Red Con for its inaugural year in Louisville this September. The conference was started by Core Pentester Zach Stashis.
Sep 1, 2022
Est Read Time: 2 min

Cobalt Pentest Case Study: OAuth Redirect to Account Takeover

Cobalt Core Penteser Edu Garcia recently used an interesting attack method while working on a Cobalt pentest. In this blog, he shares how he did it and provides a solution to the vulnerability.
Aug 31, 2022
Est Read Time: 3 min

Pentester Spotlight: Apoorva Jois; Do you want to build or break?

Do you want to build or break? That's the million-dollar question that got Core Pentester Apoorva Jois interested in hacking. She walked us through her journey as a Pentester on the younger side of the industry.
Aug 26, 2022
Est Read Time: 3 min

File Upload Vulnerabilities

This blog aims to demonstrate how applications can be compromised using simple file upload functionalities. Core Pentester Shubham Chaskar will show how to bypass common defense mechanisms and upload web shells.
Aug 24, 2022
Est Read Time: 8 min

Then & Now: Nastor

Nicolas Astor, aka "Nastor," has been a part of Cobalt's Core since December 2020. We sat with him to talk about how he and Cobalt have changed over the year.
Aug 22, 2022
Est Read Time: 2 min

Graph Query Language Explained

Cobalt Core Pentester Harsh Bothra explains Graph Query Language and how attackers use it. Read his guide to learn how attackers think and take advantage.
Aug 18, 2022
Est Read Time: 8 min
    1 2 3 4