EXEC WEBINAR
Ready to build a risk-driven pentesting program that integrates seamlessly into your AppSec strategy? Register today!
EXEC WEBINAR
Ready to build a risk-driven pentesting program that integrates seamlessly into your AppSec strategy? Register today!

Cobalt Core (4)

See all content
Introduction to Chrome Browser Extension Security Testing cover image

Introduction to Chrome Browser Extension Security Testing

Browser extensions are software components that enhance the functionality of existing programs, specifically web browsers by modifying the user interface and interaction with websites, allowing users to customize their browsing experience. However, they also pose a security risk as they interact directly with untrusted web content and have vulnerabilities that malicious website operators and network attackers can exploit. This blog highlights the importance of Chrome browser extension security, permissions, testing for vulnerabilities, real-time attack scenarios, and mitigation methods.
Cobalt Core Pentester Guides
Feb 20, 2023
Est Read Time: 13 min
Read more

Getting Started in Pentesting

Interested in pentesting but don't know where to start? Our Core Pentesters have you covered. Read to hear their tips and advice on how to get started.
Cobalt Core
Feb 16, 2023
Est Read Time: 4 min
Read more

Introduction to LDAP Injection Attack

LDAP (Lightweight Directory Access Protocol) is a protocol for accessing and managing directory services over a network. LDAP injection is a type of attack that targets vulnerabilities in implementations of the LDAP. Core Pentester Harsh Bothra shows us how an attacker does this injection and how to protect against it.
Cobalt Core Pentester Guides
Feb 13, 2023
Est Read Time: 7 min
Read more

Cybersecurity Certifications, how much do they really matter?

Cybersecurity certifications can benefit individuals with 1-4 years of experience when looking for new job opportunities. Certifications alone don't necessarily make someone a good pentester and should be considered in conjunction with professional experience.
Pentester Stories Cobalt Core
Feb 1, 2023
Est Read Time: 5 min
Read more
Pentester Insights: Deep Dive in Web Cache Poisoning Attacks

Hacking Web Cache - Deep Dive in Web Cache Poisoning Attacks

Web cache poisoning is an attack where an attacker takes advantage of flaws in the caching mechanism. They attempt to store an altered and malicious response in the cache entry, forcing the website to serve malicious information to its users.  Core Pentester Harsh Bothra deep dives into these attacks and remediations.
Cobalt Core Pentester Guides Web Application Pentesting
Jan 31, 2023
Est Read Time: 9 min
Read more

Then & Now: Harsh Bothra

Core Pentester Harsh Bothra joined Cobalt a little over two years ago. Since then, he has become a Pentest Lead and worked on endless engagements. He takes this time to reflect on how things have changed since his first test.
Pentester Stories Cobalt Core
Jan 19, 2023
Est Read Time: 3 min
Read more

A Dive into Client-Side Desync Attacks

A client-side desync, a.k.a CSD, is an attack in which the victim's web browser is tricked into desynchronizing its connection to the vulnerable website. Core Pentester Harsh Bothra takes a look at how attackers can find these vulnerabilities in the wild.
Cobalt Core Pentester Guides
Jan 16, 2023
Est Read Time: 7 min
Read more

2023 Q1 Pentester of the Quarter: Sanyam Chawla

Congratulations to Sanyam Chawla for winning the Pentester of the Quarter Award for Q1. Sanyam was nominated by his peers due to being a great teammate and leader in the Core.
Pentester Stories Cobalt Core
Jan 6, 2023
Est Read Time: 3 min
Read more
A Pentester's Guide to Prototype Solution Attacks

A Pentester’s Guide to Prototype Pollution Attacks

Core Pentester Harsh Bothra guides us through prototype pollution attacks in his latest blog. This covers a security vulnerability that allows attackers to exploit JavaScript runtimes.
Cobalt Core Pentester Guides
Jan 2, 2023
Est Read Time: 8 min
Read more
    2 3 4 5 6