Platform
- - Cobalt Platform
    
    Modern offensive security platform
  - Dynamic Application Security Testing
    
    Automated application security scanning
  - Pricing
    
    Explore the flexible Cobalt credit model
Services
- - Application Security
    
    Secure your apps without slowing down development
  - Application Pentest
  - Secure Code Review
  - LLM Pentest
  - Network Security
    
    Protect systems and data with offensive security
  - Network Pentest
  - Red Teaming
- - Cloud Security
    
    Secure your cloud infrastructure
  - Brand Protection
    
    Safeguard your reputation
  - Digital Risk Assessment
  - Social Engineering
  - Device Security
    
    Secure your devices from threats
  - Device Hardening
  - IoT Testing
Solutions
- - PtaaS
    
    On-demand Pentesting as a Service
  - Goal-Based Pentest
    
    Simulated attack to test your security defenses
- - Compliance
    
    Comprehensive pentesting for compliance
  - Secure SDLC
    
    Develop securely and deploy confidently
  - Offensive Security Program
    
    Minimize risk efficiently and effectively
- - For Small Businesses
    
    Pentesting for growing business needs
  - For IT & Information Security Teams
    
    Explore the benefits of an offensive security platform
  - For DevOps Teams
    
    Explore the benefits of continuous security testing
About
- - Why Cobalt
    
    Why сustomers сhoose Cobalt
  - About Us
    
    Who we are
  - Leadership
    
    The minds driving our mission forward
  - Cobalt Core
    
    Community of skilled, vetted security experts
  - Partners
    
    Explore Cobalt's partner network
- - Customers
    
    Real customer stories straight from the source
  - Press
    
    Read the latest news at Cobalt
  - Careers
    
    Redefine and reimagine modern offensive security
  - Contact Us
    
    Connect with a team member
- - GigaOm Radar Report
    
    Featured
    
    Download
Resources
- - Resource Library
    
    Rethinking offensive security
  - Blog
    
    Insights from security leaders, pentesters, and developers
- - Events & Webinars
    
    Explore thought-provoking security topics
  - InfoSec Podcast
    
    Explore the stories of cybersecurity experts
- - State of Pentesting Report 2024
    
    Featured
    
    Download
login
get started

Platform
- - Cobalt Platform
    
    Modern offensive security platform
  - Dynamic Application Security Testing
    
    Automated application security scanning
  - Pricing
    
    Explore the flexible Cobalt credit model
Services
- - Application Security
    
    Secure your apps without slowing down development
  - Application Pentest
  - Secure Code Review
  - LLM Pentest
  - Network Security
    
    Protect systems and data with offensive security
  - Network Pentest
  - Red Teaming
- - Cloud Security
    
    Secure your cloud infrastructure
  - Brand Protection
    
    Safeguard your reputation
  - Digital Risk Assessment
  - Social Engineering
  - Device Security
    
    Secure your devices from threats
  - Device Hardening
  - IoT Testing
Solutions
- - PtaaS
    
    On-demand Pentesting as a Service
  - Goal-Based Pentest
    
    Simulated attack to test your security defenses
- - Compliance
    
    Comprehensive pentesting for compliance
  - Secure SDLC
    
    Develop securely and deploy confidently
  - Offensive Security Program
    
    Minimize risk efficiently and effectively
- - For Small Businesses
    
    Pentesting for growing business needs
  - For IT & Information Security Teams
    
    Explore the benefits of an offensive security platform
  - For DevOps Teams
    
    Explore the benefits of continuous security testing
About
- - Why Cobalt
    
    Why сustomers сhoose Cobalt
  - About Us
    
    Who we are
  - Leadership
    
    The minds driving our mission forward
  - Cobalt Core
    
    Community of skilled, vetted security experts
  - Partners
    
    Explore Cobalt's partner network
- - Customers
    
    Real customer stories straight from the source
  - Press
    
    Read the latest news at Cobalt
  - Careers
    
    Redefine and reimagine modern offensive security
  - Contact Us
    
    Connect with a team member
- - GigaOm Radar Report
    
    Featured
    
    Download
Resources
- - Resource Library
    
    Rethinking offensive security
  - Blog
    
    Insights from security leaders, pentesters, and developers
- - Events & Webinars
    
    Explore thought-provoking security topics
  - InfoSec Podcast
    
    Explore the stories of cybersecurity experts
- - State of Pentesting Report 2024
    
    Featured
    
    Download
login
get started

Pentester Guides

Testing for Reflective XSS - Part 1 cover image

Testing for Reflective XSS - Part 1

Reflected XSS, also known as Reflected Cross-Site Scripting, is a dangerous vulnerability that occurs when a web...

Pentester Guides

Jun 24, 2024

Est Read Time: 10 min

Browser Security: Same Origin Policy vs CORS, Misconfigurations

This blog guides how to understand and evaluate CORS (Cross-Origin Resource Sharing) misconfigurations. As pentesters,...

Pentester Guides

Jun 11, 2024

Est Read Time: 12 min

LLMNR Poisoning, NTLM Relay and More

In this article we’ll touch on what are the hash types used in Windows systems, what is the LLMNR protocol, how it...

Pentester Guides

Jan 31, 2024

Est Read Time: 14 min

Introduction to Secure Code Review

Code is the backbone of modern software applications. Understanding the importance of secure code development is...

Pentester Guides

Oct 11, 2023

Est Read Time: 5 min

iOS App Pentesting and Security with Real-World Case Studies Part 2

In part 2 of our IOS pentesting series, we will explore two additional case studies. One of them is about a ride-sharing app, and the other is about an E-commerce app. These case studies highlight the risks associated with insecure practices in iOS app development, such as hardcoding credentials and the exploitation of third-party libraries, emphasizing the importance of secure coding, data storage, and access control measures.

Pentester Guides Community

Jun 26, 2023

Est Read Time: 3 min

Learning iOS App Pentesting and Security Part 1

This blog is a three-part series focused on iOS app penetration testing. Swaroop Yermalkar, who is a Core Penetration Tester, shares their experiences and knowledge in various types of pentesting, including mobile app security. The blog aims to provide a comprehensive guide to improving knowledge of iOS security and penetration testing methodologies through real-world case studies.

Pentester Guides Community

Jun 13, 2023

Est Read Time: 5 min

Video: AWAE/OSWE For Humans

This blog is a personal account from Reando Veshi of preparing for and taking the OSWE (Advanced Web Attacks and Exploitation) exam. Reando shares his experience along with tips that helped him in his journey.

Pentester Guides Community

May 30, 2023

Est Read Time: 6 min

A Pentester's Guide to Source Code Review

This blog post guides how to conduct a source code review project, focusing on advice for those new to the task. The post covers the purpose of a source code review, the process for conducting one, and the information needed to conduct a proper assessment.

Pentester Guides Community

May 15, 2023

Est Read Time: 17 min

Cobalt Core Academy: Thick Client Pentesting with Harsh Bothra cover image

Cobalt Core Academy: Thick Client Pentesting with Harsh Bothra

Learn about thick client pentests in this Cobalt Core Academy with expert insights from Cobalt Lead, Harsh Bothra.

Pentester Guides Community

May 5, 2023

Est Read Time: 3 min

1 2 3 4 5