Black Hat | Def Con 2024
Are you attending Black Hat? Meet the Cobalt team and Core at booth #2913!
Black Hat | Def Con 2024
Are you attending Black Hat? Meet the Cobalt team and Core at booth #2913!

Community (4)

Risks of Open-Source Software

This article provides an overview of what open-source software is and its history. Core Pentester Ninad Mathpati explains that open-source software is any program whose source code is made available for use or modification and is developed as a public, open collaboration.
Pentester Guides Community
Feb 8, 2023
Est Read Time: 8 min
Read more

API Security Best Practices

As the devices providing Internet access increase daily, the traditional Monolith architecture has been replaced by the Microservice architecture due to the advantages such as scalability, faster deployment, ease of management, and many more. Core Pentester Orhan Yildirim shares his best practices for API Security.
Pentester Guides Community
Feb 3, 2023
Est Read Time: 4 min
Read more

Cybersecurity Certifications, how much do they really matter?

Cybersecurity certifications can benefit individuals with 1-4 years of experience when looking for new job opportunities. Certifications alone don't necessarily make someone a good pentester and should be considered in conjunction with professional experience.
Pentester Stories Community
Feb 1, 2023
Est Read Time: 5 min
Read more
Pentester Insights: Deep Dive in Web Cache Poisoning Attacks

Hacking Web Cache - Deep Dive in Web Cache Poisoning Attacks

Web cache poisoning is an attack where an attacker takes advantage of flaws in the caching mechanism. They attempt to store an altered and malicious response in the cache entry, forcing the website to serve malicious information to its users.  Core Pentester Harsh Bothra deep dives into these attacks and remediations.
Pentester Guides Community
Jan 31, 2023
Est Read Time: 11 min
Read more

OAuth Vulnerabilites Pt. 1

Welcome to part one of OAuth Vulnerabilities. Core Pentester Shubham Chaskar overviews Oauth, commonly used grant types, entities, misconfiguration, and more.
Pentester Guides Community
Jan 23, 2023
Est Read Time: 10 min
Read more

Then & Now: Harsh Bothra

Core Pentester Harsh Bothra joined Cobalt a little over two years ago. Since then, he has become a Pentest Lead and worked on endless engagements. He takes this time to reflect on how things have changed since his first test.
Pentester Stories Community
Jan 19, 2023
Est Read Time: 3 min
Read more

A Dive into Client-Side Desync Attacks

A client-side desync, a.k.a CSD, is an attack in which the victim's web browser is tricked into desynchronizing its connection to the vulnerable website. Core Pentester Harsh Bothra takes a look at how attackers can find these vulnerabilities in the wild.
Pentester Guides Community
Jan 16, 2023
Est Read Time: 7 min
Read more

Deep Dive into GraphQL Pt. 2

Welcome to part two of GraphQL! Core Pentester Michael Adcock tackles our newest deep dive into the open-source data query.
Pentester Guides Community
Jan 9, 2023
Est Read Time: 6 min
Read more

2023 Q1 Pentester of the Quarter: Sanyam Chawla

Congratulations to Sanyam Chawla for winning the Pentester of the Quarter Award for Q1. Sanyam was nominated by his peers due to being a great teammate and leader in the Core.
Pentester Stories Community
Jan 6, 2023
Est Read Time: 3 min
Read more
    2 3 4 5 6