
Cobalt Core

 • 6 min read

UX-Friendly Enumeration Protection in Ruby on Rails

How to avoid revealing the existence of records to attackers in web applications, while keeping a good user experience for legit users ...

Christian Hansen
Cobalt Core, Pentester Guides

 • 3 min read

.git — The Hidden Danger

Git is a great versioning system that I am actively using while doing some development.

 • 3 min read

What does it take to be a top Cobalt Core researcher?

Comments from the top security researchers from 2018 as chosen by their peers.

 • 3 min read

How customer collaboration during a pentest can lead to finding a Remote Code Execution (RCE)

Cobalt asked me to share a blog post about a Remote Code Execution vulnerability that I identified in a past pentest. Although I don't…

 • 5 min read

A Pentester’s Guide to Code Injection

Learn about code injection vulnerabilities with the Pentester’s Guide to Code Injection.

 • 4 min read

A Pentester’s Guide to Server Side Request Forgery (SSRF)

Busra Demir examines the common security vulnerability, Server Side Request Forgery (SSRF).

 • 7 min read

A Pentester’s Guide to SQL Injection (SQLi)
