WEBINAR
Compliant vs. Secure: A CISO and CEO Discuss How to Manage Real-World Risk

Pentester Guides (2)

Think Like an Attacker: Using OSINT to Safeguard Your Organization

In the cybersecurity world, knowledge is power. Threat actors have become increasingly adept at using Open-Source...
October 4, 2024
Est Read Time: 5 min

Pentester Guide: Weak or Default Credentials

Weak or default credentials are a common security flaw that attackers can exploit with minimal effort. They often lead...
September 24, 2024
Est Read Time: 4 min

What is an Attack Vector? Defending against 23 Common Attack Vectors

Attack vector management forms the foundation for effective cybersecurity. Understanding the attack vectors that...
September 9, 2024
Est Read Time: 14 min

10 Questions with Aditya Raj Singh: Pentester Spotlight

The Cobalt Pentester Spotlight highlights the fascinating journey of our Core members. Through an interview style, we...
September 5, 2024
Est Read Time: 4 min

Testing for Reflective XSS

Reflected XSS, also known as Reflected Cross-Site Scripting, is a dangerous vulnerability that occurs when a web...
June 24, 2024
Est Read Time: 16 min

Browser Security: Same Origin Policy vs CORS, Misconfigurations

This blog explains how to understand and evaluate CORS (Cross-Origin Resource Sharing) misconfigurations. As pentesters,...
June 11, 2024
Est Read Time: 12 min

LLMNR Poisoning, NTLM Relay and More

In this article we’ll touch on which hash types are used in Windows systems, what the LLMNR protocol is, how it...
January 31, 2024
Est Read Time: 14 min

iOS App Pentesting and Security with Real-World Case Studies Part 2

In part 2 of our iOS pentesting series, we will explore two additional case studies. One of them is about a ride-sharing app, and the other is about an e-commerce app. These case studies highlight the risks associated with insecure practices in iOS app development, such as hardcoding credentials and the exploitation of third-party libraries, emphasizing the importance of secure coding, data storage, and access control measures.
June 26, 2023
Est Read Time: 3 min

Learning iOS App Pentesting and Security Part 1

This blog is a three-part series focused on iOS app penetration testing. Swaroop Yermalkar, who is a Core Penetration Tester, shares their experiences and knowledge in various types of pentesting, including mobile app security. The blog aims to provide a comprehensive guide to improving knowledge of iOS security and penetration testing methodologies through real-world case studies.
June 13, 2023
Est Read Time: 5 min