DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).
DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).

Become a Pentester

We connect freelance pentesters to customers across the globe

Join our elite community of freelance pentesters where you can test various applications, grow your network, get paid, and more. 

Cobalt-Our Pentesters-Header Image@2x

Benefits

Why join the Core?

Here are a few reasons why our Core Members love pentesting with Cobalt.

Connect

Connect  – Meet, connect, and work with security professionals around the world.

Learn

Learn – Test different applications and technologies across various industries.

Flexibility

Flexibility – Set your capacity and select what types of pentests to participate in and when.

Payment

Payment – Get paid for your time and energy and overall effort, not per vulnerability.

Grow

Grow – Develop soft skills such as critical thinking, problem-solving, professional writing, teamwork, and management skills.

Engagement

Engagement – Participate in collaborative pentesting experiences and leave the organizational management of freelancing to our team.

Additional Programs

Additional Programs –Take part in the rewards program, special events, content initiatives, and more.

Pentesting vs. Bug Bounty

Explore the key differences between Freelance Pentesting and Bug Bounty career paths.

Pentesting and Bug Bounty are both valuable and important in the cybersecurity space. Here we explore the key differences between the two. When it comes to pentesting, communication and collaboration between customers and pentesters are crucial to a successful engagement. 
  • Payment Based on Time and Effort
  • Dedicated scope of work
  • Established time frame
  • Collaboration and Communication
  • Networking Opportunities
Pentesting_vs_Bug_Hunting-1
Cobalt-Homepage-Andreea Cristina Druga-Headshot
Andreea Druga
Cobalt Core Member
“I am truly grateful to be a part of the Cobalt Core team. I can work alongside highly-skilled security professionals. Each project is different, and I can work with different technologies and industries. The ability to work with the product teams allows for great communication and collaboration. Giving us an outlet to ask questions, get them answered right away, get feedback in real-time, understand what areas are more critical to follow, and the customer is constantly updated with our progress, as well.”
Cobalt-Our Pentesters-Nikhil K Srivastava
Nikhil Srivastava
Cobalt Core Member
"The best part about being in the Cobalt Core is the environment of mutual knowledge sharing. I enjoy connecting with top pentesters around the world and learning from them and their findings. You can throw out a question in the channel and whoever knows it readily shares their insights to help."
Valerio Brussani
Valerio Brussani
Cobalt Core Member
“I really like being a part of the Cobalt Core because everyone is kind and collaborative, which makes working together easy and fun. Working freelance for Cobalt also gives me the freedom to choose my pentesting schedule.

Different types of pentests offered on the Cobalt Platform is another great aspect. With the wide variety of applications, you get the opportunity to try different exploitation techniques and continually learn about new vulnerability scenarios.”

What's going on in the Core

Build Your Brand

Core members don’t just stay busy with pentests. They also contribute to the security community at large. Check out their content.
LLMNR Poisoning, NTLM Relay and More
In this article we’ll touch on what are the hash types used in Windows systems, what is the LLMNR protocol, how it...
Pentester Guides
Jan 31, 2024
Introduction to Secure Code Review
Code is the backbone of modern software applications. Understanding the importance of secure code development is...
Pentester Guides
Oct 11, 2023
iOS App Pentesting and Security with Real-World Case Studies Part 2
In part 2 of our IOS pentesting series, we will explore two additional case studies. One of them is about a ride-sharing app, and the other is about an E-commerce app. These case studies highlight the risks associated with insecure practices in iOS app development, such as hardcoding credentials and the exploitation of third-party libraries, emphasizing the importance of secure coding, data storage, and access control measures.
Pentester Guides Community
Jun 26, 2023

Application Process

Our Core Members go through a rigorous application process. Here we go through each step of the vetting process so you know what to expect.

Stage 1
Application
Applications are reviewed by our community team based on tenure, skills, and expertise.
Stage 2
Assessment
Once a pentester is selected from the application process they are sent our skills assessment to test technical abilities.
Stage 3
Vetting
After successful completion of the skills assessment, our team sets up a time to meet face-to-face and align on community expectations.
Stage 4
Verification
Once a pentester passes initial vetting, a background check is conducted by a third-party verification vendor. After successful completion, tax documentation, NDAs, and Cobalt Independent Contractor Agreement are signed and confirmed.
Stage 5
CONTINUOUS EVALUATION
Members of the Core are reviewed on a continuous basis. After each engagement, pentesters review teammates and receive feedback from peers and customers.