Platform
- - Cobalt Platform
    
    Modern offensive security platform
  - Dynamic Application Security Testing
    
    Automated application security scanning
  - Pricing
    
    Explore the flexible Cobalt credit model
Services
- - Application Security
    
    Secure your apps without slowing down development
  - Application Pentest
  - Secure Code Review
  - LLM Pentest
  - Network Security
    
    Protect systems and data with offensive security
  - Network Pentest
  - Red Teaming
- - Cloud Security
    
    Secure your cloud infrastructure
  - Brand Protection
    
    Safeguard your reputation
  - Digital Risk Assessment
  - Social Engineering
  - Device Security
    
    Secure your devices from threats
  - Device Hardening
  - IoT Testing
Solutions
- - PtaaS
    
    On-demand Pentesting as a Service
  - Goal-Based Pentest
    
    Simulated attack to test your security defenses
- - Compliance
    
    Comprehensive pentesting for compliance
  - Secure SDLC
    
    Develop securely and deploy confidently
  - Offensive Security Program
    
    Minimize risk efficiently and effectively
- - For Small Businesses
    
    Pentesting for growing business needs
  - For IT & Information Security Teams
    
    Explore the benefits of an offensive security platform
  - For DevOps Teams
    
    Explore the benefits of continuous security testing
About
- - Why Cobalt
    
    Why сustomers сhoose Cobalt
  - About Us
    
    Who we are
  - Leadership
    
    The minds driving our mission forward
  - Cobalt Core
    
    Community of skilled, vetted security experts
  - Partners
    
    Explore Cobalt's partner network
- - Customers
    
    Real customer stories straight from the source
  - Press
    
    Read the latest news at Cobalt
  - Careers
    
    Redefine and reimagine modern offensive security
  - Contact Us
    
    Connect with a team member
- - GigaOm Radar Report
    
    Featured
    
    Download
Resources
- - Resource Library
    
    Rethinking offensive security
  - Blog
    
    Insights from security leaders, pentesters, and developers
- - Events & Webinars
    
    Explore thought-provoking security topics
  - InfoSec Podcast
    
    Explore the stories of cybersecurity experts
- - State of Pentesting Report 2024
    
    Featured
    
    Download
login
get started

Platform
- - Cobalt Platform
    
    Modern offensive security platform
  - Dynamic Application Security Testing
    
    Automated application security scanning
  - Pricing
    
    Explore the flexible Cobalt credit model
Services
- - Application Security
    
    Secure your apps without slowing down development
  - Application Pentest
  - Secure Code Review
  - LLM Pentest
  - Network Security
    
    Protect systems and data with offensive security
  - Network Pentest
  - Red Teaming
- - Cloud Security
    
    Secure your cloud infrastructure
  - Brand Protection
    
    Safeguard your reputation
  - Digital Risk Assessment
  - Social Engineering
  - Device Security
    
    Secure your devices from threats
  - Device Hardening
  - IoT Testing
Solutions
- - PtaaS
    
    On-demand Pentesting as a Service
  - Goal-Based Pentest
    
    Simulated attack to test your security defenses
- - Compliance
    
    Comprehensive pentesting for compliance
  - Secure SDLC
    
    Develop securely and deploy confidently
  - Offensive Security Program
    
    Minimize risk efficiently and effectively
- - For Small Businesses
    
    Pentesting for growing business needs
  - For IT & Information Security Teams
    
    Explore the benefits of an offensive security platform
  - For DevOps Teams
    
    Explore the benefits of continuous security testing
About
- - Why Cobalt
    
    Why сustomers сhoose Cobalt
  - About Us
    
    Who we are
  - Leadership
    
    The minds driving our mission forward
  - Cobalt Core
    
    Community of skilled, vetted security experts
  - Partners
    
    Explore Cobalt's partner network
- - Customers
    
    Real customer stories straight from the source
  - Press
    
    Read the latest news at Cobalt
  - Careers
    
    Redefine and reimagine modern offensive security
  - Contact Us
    
    Connect with a team member
- - GigaOm Radar Report
    
    Featured
    
    Download
Resources
- - Resource Library
    
    Rethinking offensive security
  - Blog
    
    Insights from security leaders, pentesters, and developers
- - Events & Webinars
    
    Explore thought-provoking security topics
  - InfoSec Podcast
    
    Explore the stories of cybersecurity experts
- - State of Pentesting Report 2024
    
    Featured
    
    Download
login
get started

Cobalt Core (5)

All you need to know about JWT Pt. 2

All you need to know about JWT Pt. 2

Did you read our introductory blog on JSON tokens in November? Now time for a deeper dive into JSON Web Tokens, aka JWT. Core Pentester Ninad Mathpati expands on all things JWT.

Cobalt Core Pentester Guides

Dec 26, 2022

Est Read Time: 13 min

Steampipe: Monitor Your Cloud Resources

Are you working in the cloud? If so, you can use an open-source tool named Steampipe to monitor your cloud infrastructure using SQL. One of Cobalt's Core Pentesters walks us through how Steampipe works in our latest Pentester Guide.

Cobalt Core Pentester Guides

Dec 21, 2022

Est Read Time: 8 min

Introduction to Command Injection Vulnerability

We've covered code injection attacks in recent blogs, but do you happen to know about command injection attacks? Core Pentester Harsh Bothra walks us through the differences and covers all you need to know to protect yourself against command injection attacks.

Cobalt Core Pentester Guides

Dec 14, 2022

Est Read Time: 8 min

Introducing Hacker Corner; Episode 1: Redteaming vs Pentesting Demystified

Introducing Hacker Corner! Hacker Corner is a podcast for hackers made by hackers. Join host Sheeraz Ali for episode one with guest Saad Nasir as they discuss redteaming vs. pentesting.

Cobalt Core

Dec 13, 2022

Est Read Time: 4 min

Hunting for Broken Link Hijacking (BLH) cover image

Hunting for Broken Link Hijacking (BLH)

How often are you checking to ensure there are no broken links on your webpage? If you aren't checking, attackers could be taking advantage using a broken link hijacking attack. Core Pentester Harsh Bothra writes about what scenarios to watch out for.

Cobalt Core Pentester Guides

Dec 7, 2022

Est Read Time: 4 min

Then & Now: Sagar Parmar

Sagar Parmar has been a Cobalt Core Pentester for almost six years. He learned about Cobalt through another Core Pentester and loves how PtaaS has worked compared to bug bounty programs.

Pentester Stories Cobalt Core

Dec 6, 2022

Est Read Time: 3 min

JSON Web Tokens

JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. With the rise of JWT, Core Pentester Saad Nasir gives an introduction to the new security token.

Cobalt Core Pentester Guides Web Application Pentesting

Dec 5, 2022

Est Read Time: 9 min

Pentester Spotlight: Razvan Ionescu, Romania's 3rd GIAC Security Expert

Razvan Ionescu has been pentesting with the Cobalt Core since 2018. He recently became a GIAC Security Expert, Romania's third. Read more about Razvan in his Pentester Spotlight.

Pentester Stories Cobalt Core

Nov 30, 2022

Est Read Time: 5 min

Introduction to Serverless Vulnerabilities

Core Pentester Harsh Bothra introduces us to serverless vulnerabilities. He reviews the top 10 vulnerabilities and concludes with how to remediate them.

Cobalt Core Pentester Guides

Nov 23, 2022

Est Read Time: 6 min

3 4 5 6 7