NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.
NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.

Harsh Bothra

Harsh Bothra is a Security Engineer with expertise in Web application, API, Android Application, Thick Client, and Network Pentesting. He has over 5 years of experience in Cybersecurity and penetration testing. He has written multiple books on ethical hacking including Mastering Hacking and Hacking: Be a Hacker with Ethics, presented at various security conferences, and is an active bug bounty hunter.

Introduction to Serverless Vulnerabilities

Core Pentester Harsh Bothra introduces us to serverless vulnerabilities. He reviews the top 10 vulnerabilities and concludes with how to remediate them.
Nov 23, 2022
Est Read Time: 6 min

Web Socket Vulnerabilites

WebSockets are an exciting technology that has been gaining traction in the industry. Many companies are using the technology, especially in their real-time services
Sep 27, 2022
Est Read Time: 9 min

Secure Software Best Practices: Protect Against Server-Side Request Forgery

See examples of Server-Side Request Forgery (SSRF) exploitation, and learn how to minimize your risks.
Sep 26, 2022
Est Read Time: 7 min

Graph Query Language Explained

Cobalt Core Pentester Harsh Bothra explains Graph Query Language and how attackers use it. Read his guide to learn how attackers think and take advantage.
Aug 18, 2022
Est Read Time: 8 min

Got Cookies? Exploring Cookie Based Authentication Vulnerabilities in the Wild

Cookies are a widely used way to enable authentication in many of the applications out there. Over time, there has been...
Mar 2, 2021
Est Read Time: 6 min

Scope Based Recon Methodology: Exploring Tactics for Smart Recon

Reconnaissance (aka Recon) is an essential process in pentesting, especially Black Box Pentesting, where you don't have...
Feb 16, 2021
Est Read Time: 10 min

Bypassing the Protections — MFA Bypass Techniques for the Win

Multi-Factor Authentication (MFA) often known as Two-Factor Authentication (2FA) is an added layer of protection added...
Jan 27, 2021
Est Read Time: 6 min
    1 2