NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.
NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.

Community (6)

6 Things Cobalt Core Pentesters Learned in 2022

Happy 12 Days of Ptaas! On the 6th day of PtaaS, Cobalt gave to me six things that Core Pentesters learned this year. From technical to soft skills, check out what they had to say.
Pentester Stories Community
Dec 8, 2022
Est Read Time: 3 min
Read more
Hunting for Broken Link Hijacking (BLH) cover image

Hunting for Broken Link Hijacking (BLH)

How often are you checking to ensure there are no broken links on your webpage? If you aren't checking, attackers could be taking advantage using a broken link hijacking attack. Core Pentester Harsh Bothra writes about what scenarios to watch out for.
Pentester Guides Community
Dec 7, 2022
Est Read Time: 4 min
Read more

Then & Now: Sagar Parmar

Sagar Parmar has been a Cobalt Core Pentester for almost six years. He learned about Cobalt through another Core Pentester and loves how PtaaS has worked compared to bug bounty programs.
Pentester Stories Community
Dec 6, 2022
Est Read Time: 3 min
Read more

JSON Web Tokens

JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. With the rise of JWT, Core Pentester Saad Nasir gives an introduction to the new security token.
Pentester Guides Community
Dec 5, 2022
Est Read Time: 9 min
Read more

Pentester Spotlight: Razvan Ionescu, Romania's 3rd GIAC Security Expert

Razvan Ionescu has been pentesting with the Cobalt Core since 2018. He recently became a GIAC Security Expert, Romania's third. Read more about Razvan in his Pentester Spotlight.
Pentester Stories Community
Nov 30, 2022
Est Read Time: 5 min
Read more

Introduction to Serverless Vulnerabilities

Core Pentester Harsh Bothra introduces us to serverless vulnerabilities. He reviews the top 10 vulnerabilities and concludes with how to remediate them.
Pentester Guides Community
Nov 23, 2022
Est Read Time: 6 min
Read more
Redteaming vs. Pentesting

Red Teaming vs. Pentesting

Core Pentester Saad Nasir writes about what the difference between red teaming and pentesting is based on his own experiences. Saad is a Pentester in Cobalt's Core and on the Red Team at SolarWinds.
Pentester Guides Community
Nov 21, 2022
Est Read Time: 2 min
Read more

Common Vulnerabilities in NodeJS Applications

Node.js is an open-source and cross-platform JavaScript runtime environment. Today we are going to look at 3 different vulnerabilities by analyzing the source code of an application and how you can detect and exploit them. 
Pentester Guides Community
Nov 18, 2022
Est Read Time: 7 min
Read more
A Pentester's Guide to Entrepreneurship

A pentester's guide to entrepreneurship

Shashank was Cobalt's first ever pentester. Now he is the CEO and Founder of his company CredShields, a security audit company, while still testing in the Core.
Pentester Stories Community
Nov 16, 2022
Est Read Time: 3 min
Read more
    4 5 6 7 8