Busra Demir

Busra is a Lead Cobalt Core Pentester with a passion for offensive security research, CTFs, and certifications. She has completed her OSCE, OSCP, and OSWP certifications.

 • 8 min read

Anatomy of the Session Management Tests

Busra Demir examines the common security vulnerability tests for Session Management.

Pentester Guides, Cobalt Core
How to Execute an XML External Entity Injection (XXE)
 • 4 min read

Learn about situations where XXE can be leveraged to perform server-side request forgery (SSRF) attacks to compromise the underlying server or other back-end infrastructure.

A Pentester’s Guide to Cross-Site Scripting (XSS)
 • 7 min read

Examine a common security vulnerability, Cross-Site Scripting (XSS).

Women in Cyber BNP Paribas Panel
 • 4 min read

Takeaways from a Female Hacker

A Pentester's Guide to Server Side Template Injection (SSTI)
 • 5 min read

Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands on the server-side.

A Pentester’s Guide to HTTP Request Smuggling
 • 5 min read

Busra Demir examines the HTTP Request Smuggling attack technique, exploring what it is and how it works.

A Pentester’s Guide to WebSocket Pentesting
 • 6 min read

What is WebSocket Hijacking?

A Pentester’s Guide to SQL Injection (SQLi)
 • 7 min read
