WEBINAR
Join us to explore what 10 years of data tells us about real risks during the State of Pentesting 2025 webinar.
Register Now
Platform
Cobalt Platform
Modern offensive security platform
Dynamic Application Security Testing
Automated application security scanning
Pricing
Explore the flexible Cobalt credit model
Services
Application Security
Secure your apps without slowing down development
Application Pentest
Secure Code Review
LLM Pentest
Network Security
Protect systems and data with offensive security
Network Pentest
Red Teaming
Cloud Security
Secure your cloud infrastructure
Brand Protection
Safeguard your reputation
Digital Risk Assessment
Device Security
Secure your devices from threats
Device Hardening
IoT Testing
Solutions
PtaaS
On-demand Pentesting as a Service
Goal-Based Pentest
Simulated attack to test your security defenses
Compliance
Comprehensive pentesting for compliance
Secure SDLC
Develop securely and deploy confidently
Offensive Security Program
Minimize risk efficiently and effectively
For Small Businesses
Pentesting for growing business needs
For IT & Information Security Teams
Explore the benefits of an offensive security platform
For DevOps Teams
Explore the benefits of continuous security testing
About
Why Cobalt
Why сustomers сhoose Cobalt
About Us
Who we are
Leadership
The minds driving our mission forward
Cobalt Core
Community of skilled, vetted security experts
Partners
Explore Cobalt's partner network
Customers
Real customer stories straight from the source
Press
Read the latest news at Cobalt
Careers
Redefine and reimagine modern offensive security
Contact Us
Connect with a team member
GigaOm Radar Report
Featured
Download
Resources
Resource Library
Rethinking offensive security
Blog
Insights from security leaders, pentesters, and developers
Events & Webinars
Explore thought-provoking security topics
InfoSec Podcast
Explore the stories of cybersecurity experts
State of Pentesting Report 2025
Featured
Download
login
get started
State of Pentesting Webinar
Platform
Cobalt Platform
Modern offensive security platform
Dynamic Application Security Testing
Automated application security scanning
Pricing
Explore the flexible Cobalt credit model
Services
Application Security
Secure your apps without slowing down development
Application Pentest
Secure Code Review
LLM Pentest
Network Security
Protect systems and data with offensive security
Network Pentest
Red Teaming
Cloud Security
Secure your cloud infrastructure
Brand Protection
Safeguard your reputation
Digital Risk Assessment
Device Security
Secure your devices from threats
Device Hardening
IoT Testing
Solutions
PtaaS
On-demand Pentesting as a Service
Goal-Based Pentest
Simulated attack to test your security defenses
Compliance
Comprehensive pentesting for compliance
Secure SDLC
Develop securely and deploy confidently
Offensive Security Program
Minimize risk efficiently and effectively
For Small Businesses
Pentesting for growing business needs
For IT & Information Security Teams
Explore the benefits of an offensive security platform
For DevOps Teams
Explore the benefits of continuous security testing
About
Why Cobalt
Why сustomers сhoose Cobalt
About Us
Who we are
Leadership
The minds driving our mission forward
Cobalt Core
Community of skilled, vetted security experts
Partners
Explore Cobalt's partner network
Customers
Real customer stories straight from the source
Press
Read the latest news at Cobalt
Careers
Redefine and reimagine modern offensive security
Contact Us
Connect with a team member
GigaOm Radar Report
Featured
Download
Resources
Resource Library
Rethinking offensive security
Blog
Insights from security leaders, pentesters, and developers
Events & Webinars
Explore thought-provoking security topics
InfoSec Podcast
Explore the stories of cybersecurity experts
State of Pentesting Report 2025
Featured
Download
login
get started
WEBINAR
Join us to explore what 10 years of data tells us about real risks during the State of Pentesting 2025 webinar.
Register Now
Pentester Guides (9)
Filter by Topic
Agile Pentesting
AI Pentesting
API Pentesting
Awards
Cloud Security
Cobalt Core
Compliance
Customer Stories
Cybersecurity Insights
Cybersecurity Services
DevSecOps
Events
Industry Breakdowns
Life at Cobalt
Mobile Application Pentesting
Modernizing Pentesting
NEWS
OWASP Top 10
Partners
Pentester Guides
Pentester Stories
Pentesting: Tips, Tricks, Advice
Product Updates
PTaaS
State of Pentesting
Web Application Pentesting
See all content
Got Cookies? Exploring Cookie Based Authentication Vulnerabilities in the Wild
Cookies are a widely used way to enable authentication in many of the applications out there. Over time, there has been...
Pentester Guides
Mar 2, 2021
Est Read Time: 6 min
Read more
A Pentester’s Guide to File Inclusion
Read the Pentester’s Guide to File Inclusion for key insights into this common vulnerability.
Cobalt Core
Pentester Guides
Feb 19, 2021
Est Read Time: 4 min
Read more
Scope Based Recon Methodology: Exploring Tactics for Smart Recon
Reconnaissance (aka Recon) is an essential process in pentesting, especially Black Box Pentesting, where you don't have...
Pentester Guides
Feb 16, 2021
Est Read Time: 10 min
Read more
A Pentester’s Guide to WebSocket Pentesting
What is WebSocket Hijacking? As OWASP states, the HTTP protocol only allows one request/response per TCP connection....
Pentester Guides
Web Application Pentesting
Feb 5, 2021
Est Read Time: 4 min
Read more
Bypassing the Protections — MFA Bypass Techniques for the Win
Multi-Factor Authentication (MFA) often known as Two-Factor Authentication (2FA) is an added layer of protection added...
Pentester Guides
Jan 27, 2021
Est Read Time: 6 min
Read more
A Pentester’s Guide to Code Injection
Learn about code injection vulnerabilities with the Pentester’s Guide to Code Injection.
Cobalt Core
Pentester Guides
Jan 8, 2021
Est Read Time: 3 min
Read more
A Pentester's Guide to Server Side Template Injection (SSTI)
Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands on the server-side.
Cobalt Core
Pentester Guides
Dec 24, 2020
Est Read Time: 3 min
Read more
A Pentester’s Guide to Command Injection
Get expert insights with a command injection tutorial with insights from pentesting experts at Cobalt, a Pentest as a Service (PtaaS) provider.
Pentester Guides
Dec 11, 2020
Est Read Time: 3 min
Read more
How to Execute an XML External Entity Injection (XXE)
What's XXE? An XML External Entity vulnerability is a type of attack against an application that parses XML input. This...
Pentester Guides
Nov 26, 2020
Est Read Time: 4 min
Read more
7
8
9
10
11
.svg){kind=icon}
.svg){kind=icon}
