NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.
NEW FEATURE
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.

Community (6)

6 Things Cobalt Core Pentesters Learned in 2022

Happy 12 Days of Ptaas! On the 6th day of PtaaS, Cobalt gave to me six things that Core Pentesters learned this year. From technical to soft skills, check out what they had to say.
Dec 8, 2022
Est Read Time: 3 min

Hunting for Broken Link Hijacking (BLH)

How often are you checking to ensure there are no broken links on your webpage? If you aren't checking, attackers could be taking advantage using a broken link hijacking attack. Core Pentester Harsh Bothra writes about what scenarios to watch out for.
Dec 7, 2022
Est Read Time: 4 min

Then & Now: Sagar Parmar

Sagar Parmar has been a Cobalt Core Pentester for almost six years. He learned about Cobalt through another Core Pentester and loves how PtaaS has worked compared to bug bounty programs.
Dec 6, 2022
Est Read Time: 3 min

JSON Web Tokens

JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. With the rise of JWT, Core Pentester Saad Nasir gives an introduction to the new security token.
Dec 5, 2022
Est Read Time: 9 min

Pentester Spotlight: Razvan Ionescu, Romania's 3rd GIAC Security Expert

Razvan Ionescu has been pentesting with the Cobalt Core since 2018. He recently became a GIAC Security Expert, Romania's third. Read more about Razvan in his Pentester Spotlight.
Nov 30, 2022
Est Read Time: 5 min

Introduction to Serverless Vulnerabilities

Core Pentester Harsh Bothra introduces us to serverless vulnerabilities. He reviews the top 10 vulnerabilities and concludes with how to remediate them.
Nov 23, 2022
Est Read Time: 6 min

Red Teaming vs. Pentesting

Core Pentester Saad Nasir writes about what the difference between red teaming and pentesting is based on his own experiences. Saad is a Pentester in Cobalt's Core and on the Red Team at SolarWinds.
Nov 21, 2022
Est Read Time: 2 min

Common Vulnerabilities in NodeJS Applications

Node.js is an open-source and cross-platform JavaScript runtime environment. Today we are going to look at 3 different vulnerabilities by analyzing the source code of an application and how you can detect and exploit them. 
Nov 18, 2022
Est Read Time: 7 min

A pentester's guide to entrepreneurship

Shashank was Cobalt's first ever pentester. Now he is the CEO and Founder of his company CredShields, a security audit company, while still testing in the Core.
Nov 16, 2022
Est Read Time: 3 min
    4 5 6 7 8