If you missed the PtaaS Exchange in person, join us virtually to learn how to improve your security program in 2023.

Pentester Guides (3)

Web Socket Vulnerabilites

WebSockets are an exciting technology that has been gaining traction in the industry. Many companies are using the technology, especially in their real-time services
Sep 27, 2022
Est Read Time: 8 min

Secure Software Best Practices: Protect Against Server-Side Request Forgery

See examples of Server-Side Request Forgery (SSRF) exploitation, and learn how to minimize your risks.
Sep 26, 2022
Est Read Time: 7 min

Secure Software Best Practices: Validate User Input

Protect your systems from bad user input. In this article, we share best practices to validate user input, securely.
Sep 23, 2022
Est Read Time: 6 min

Secure Software Best Practices: Prevent Security Misconfigurations

Configure your software properly to avoid security issues.
Sep 21, 2022
Est Read Time: 4 min

Is your wifi connection secure? How attackers take advantage of public WIFI

Do you connect to public wifi networks when you are out? You might be putting yourself and your data at risk. Core Pentester Orhan Yildirim shares how attackers take advantage of these public networks.
Sep 6, 2022
Est Read Time: 5 min

Cobalt Pentest Case Study: OAuth Redirect to Account Takeover

Cobalt Core Penteser Edu Garcia recently used an interesting attack method while working on a Cobalt pentest. In this blog, he shares how he did it and provides a solution to the vulnerability.
Aug 31, 2022
Est Read Time: 3 min

File Upload Vulnerabilities

This blog aims to demonstrate how applications can be compromised using simple file upload functionalities. Core Pentester Shubham Chaskar will show how to bypass common defense mechanisms and upload web shells.
Aug 24, 2022
Est Read Time: 8 min

Graph Query Language Explained

Cobalt Core Pentester Harsh Bothra explains Graph Query Language and how attackers use it. Read his guide to learn how attackers think and take advantage.
Aug 18, 2022
Est Read Time: 8 min

Hacking Solidity Smart Contracts

Today we will look at hacking smart contracts written using the Solidity programming language. We will fix an overflow/underflow vulnerability on PWNX Academy
Aug 10, 2022
Est Read Time: 7 min
    1 2 3 4 5