WEBINAR
GigaOm Radar Report for PTaaS: How to Make a Smarter Investment in Pentesting
WEBINAR
GigaOm Radar Report for PTaaS: How to Make a Smarter Investment in Pentesting

Cobalt Core (3)

See all content

Pentester of the Quarter: Shubham Chaskar

Cobalt is excited to announce that Shubham Chaskar is the Q2 Pentester of the Quarter!
Cobalt Core
Apr 10, 2023
Est Read Time: 1 min
Read more

CSRF & Bypasses

This article discusses Cross-Site Request Forgery (CSRF) attacks, a web security vulnerability where an attacker tricks an authenticated website user into performing an unwanted action, such as transferring funds or changing their email address, by exploiting the user's browser cookies. The article explains how CSRF attacks work and how attackers can bypass CSRF token validation to exploit vulnerabilities in web applications. It also discusses several techniques that can be used to bypass CSRF defense, including removing the referer header, bypassing the regex, and using different Content-Type values.
Cobalt Core Pentester Guides
Apr 10, 2023
Est Read Time: 8 min
Read more

Dynamic Duo: Dhiraj Mishra & Zubin Devnani

Dhiraj Mishra and Zubin Devnani, two Core Pentesters, have led ten successful fuzzing workshops together and have plans to continue. Read about how they got started in our blog about the Dynamic Duo in the Core.
Pentester Stories Cobalt Core
Apr 5, 2023
Est Read Time: 2 min
Read more

Pentester Spotlight: Herane Malhotra

This month's Pentester Spotlight features Herane Malhotra, a Core Pentester since 2021 and Lead.
Pentester Stories Cobalt Core
Mar 26, 2023
Est Read Time: 2 min
Read more

OAuth Vulnerabilites Pt. 2

OAuth is a widely-used protocol that enables users to authorize third-party applications to access their data from other services, such as social media or cloud storage. However, like any technology, OAuth is not immune to vulnerabilities. This is Pt. 2 of a two-part series by Core Pentester Shubham Chaskar.
Cobalt Core Pentester Guides
Mar 20, 2023
Est Read Time: 10 min
Read more

Active Directory Series: Active Directory Fundamentals

Active Directory is a Microsoft service that provides centralized management of user accounts, devices, and access to resources in a networked environment. It allows IT professionals to create and manage users, groups, computers, and other resources on a network, and control access to those resources based on policies and permissions.
Cobalt Core Pentester Guides
Mar 13, 2023
Est Read Time: 12 min
Read more

Pentester’s Guide to XPATH Injection

XPath is a powerful language used to query and manipulate XML documents. It allows you to extract data, transform XML documents, query large datasets, and modify the structure and content of XML documents. XPath injection attacks occur when an attacker manipulates XPath statements to gain unauthorized access to sensitive data.
Cobalt Core Pentester Guides
Feb 27, 2023
Est Read Time: 6 min
Read more

Pentester Spotlight: Goonjeta Malhotra

“Pentesting allowed me to challenge my skills and knowledge, to think of creative ways to exploit and identify vulnerabilities, and always to find ways to improve security posture." That's what Core Pentester Goonjeta Malhotra said about her journey into pentesting. Learn more about Goonjeta in here Pentester Spotlight.
Pentester Stories Cobalt Core
Feb 23, 2023
Est Read Time: 2 min
Read more
Introduction to Chrome Browser Extension Security Testing cover image

Introduction to Chrome Browser Extension Security Testing

Browser extensions are software components that enhance the functionality of existing programs, specifically web browsers by modifying the user interface and interaction with websites, allowing users to customize their browsing experience. However, they also pose a security risk as they interact directly with untrusted web content and have vulnerabilities that malicious website operators and network attackers can exploit. This blog highlights the importance of Chrome browser extension security, permissions, testing for vulnerabilities, real-time attack scenarios, and mitigation methods.
Cobalt Core Pentester Guides
Feb 20, 2023
Est Read Time: 13 min
Read more
    1 2 3 4 5