If you missed the PtaaS Exchange in person, join us virtually to learn how to improve your security program in 2023.

Become a Pentester

We connect freelance pentesters to customers across the globe

Join our elite community of freelance pentesters where you can test various applications, grow your network, get paid, and more. 

Cobalt-Our Pentesters-Header Image@2x


Why join the Core?

Here are a few reasons why our Core Members love pentesting with Cobalt.


Connect  – Meet, connect, and work with security professionals around the world.


Learn – Test different applications and technologies across various industries.


Flexibility – Set your capacity and select what types of pentests to participate in and when.


Payment – Get paid for your time and energy and overall effort, not per vulnerability.


Grow – Develop soft skills such as critical thinking, problem-solving, professional writing, teamwork, and management skills.


Engagement – Participate in collaborative pentesting experiences and leave the organizational management of freelancing to our team.

Additional Programs

Additional Programs –Take part in the rewards program, special events, content initiatives, and more.

Pentesting vs. Bug Bounty

Explore the key differences between Freelance Pentesting and Bug Bounty career paths.

Pentesting and Bug Bounty are both valuable and important in the cybersecurity space. Here we explore the key differences between the two. When it comes to pentesting, communication and collaboration between customers and pentesters are crucial to a successful engagement. 
  • Payment Based on Time and Effort
  • Dedicated scope of work
  • Established time frame
  • Collaboration and Communication
  • Networking Opportunities
Cobalt-Homepage-Andreea Cristina Druga-Headshot
Andreea Druga
Cobalt Core Member
“I am truly grateful to be a part of the Cobalt Core team. I can work alongside highly-skilled security professionals. Each project is different, and I can work with different technologies and industries. The ability to work with the product teams allows for great communication and collaboration. Giving us an outlet to ask questions, get them answered right away, get feedback in real-time, understand what areas are more critical to follow, and the customer is constantly updated with our progress, as well.”
Cobalt-Our Pentesters-Nikhil K Srivastava
Nikhil Srivastava
Cobalt Core Member
"The best part about being in the Cobalt Core is the environment of mutual knowledge sharing. I enjoy connecting with top pentesters around the world and learning from them and their findings. You can throw out a question in the channel and whoever knows it readily shares their insights to help."
Valerio Brussani
Valerio Brussani
Cobalt Core Member
“I really like being a part of the Cobalt Core because everyone is kind and collaborative, which makes working together easy and fun. Working freelance for Cobalt also gives me the freedom to choose my pentesting schedule.

Different types of pentests offered on the Cobalt Platform is another great aspect. With the wide variety of applications, you get the opportunity to try different exploitation techniques and continually learn about new vulnerability scenarios.”

What's going on in the Core

Build Your Brand

Core members don’t just stay busy with pentests. They also contribute to the security community at large. Check out their content.
A Penetration Tester's Guide To Web Applications
Cybersecurity is a major consideration for organizations and businesses of all types, Cybersecurity teams constantly...
Pentester Guides
Mar 29, 2023
10 Steps to Secure Your Azure Cloud Environment
The blog discusses ten essential steps to secure your Azure cloud environment, ranging from access management to network security. It emphasizes the use of Azure CLI to implement these best practices and safeguard against potential security threats. The steps include multifactor authentication, compliance standards, encryption, backups, and disaster recovery plans, among others.
Pentester Guides Community
Mar 29, 2023
OAuth Vulnerabilites Pt. 2
OAuth is a widely-used protocol that enables users to authorize third-party applications to access their data from other services, such as social media or cloud storage. However, like any technology, OAuth is not immune to vulnerabilities. This is Pt. 2 of a two-part series by Core Pentester Shubham Chaskar.
Pentester Guides Community
Mar 20, 2023

Application Process

Our Core Members go through a rigorous application process. Here we go through each step of the vetting process so you know what to expect.

Stage 1
Applications are reviewed by our community team based on tenure, skills, and expertise. The application portal can be found here.
Stage 2
Once a pentester is selected from the application process they are sent our skills assessment to test technical abilities.
Stage 3
After successful completion of the skills assessment, our team sets up a time to meet face-to-face and align on community expectations.
Stage 4
Once a pentester passes initial vetting, a background check is conducted by a third-party verification vendor. After successful completion, tax documentation, NDAs, and Cobalt Independent Contractor Agreement are signed and confirmed.
Stage 5
Members of the Core are reviewed on a continuous basis. After each engagement, pentesters review teammates and receive feedback from peers and customers.

Apply to the Cobalt Core 

Kick off the application process today to join the Cobalt Core and start getting assigned penetration testing jobs.