THREE PEAT
GigaOm Names Cobalt an “Outperformer” for Third Consecutive Year in Annual Radar Report for PTaaS.
Read Report
Platform
Cobalt Platform
Modern offensive security platform
Dynamic Application Security Testing
Automated application security scanning
Pricing
Explore the flexible Cobalt credit model
Services
Application Security
Secure your apps without slowing down development
Application Pentest
Secure Code Review
LLM Pentest
Network Security
Protect systems and data with offensive security
Network Pentest
Red Teaming
Cloud Security
Secure your cloud infrastructure
Brand Protection
Safeguard your reputation
Digital Risk Assessment
Social Engineering
Device Security
Secure your devices from threats
Device Hardening
IoT Testing
Solutions
PtaaS
On-demand Pentesting as a Service
Goal-Based Pentest
Simulated attack to test your security defenses
Compliance
Comprehensive pentesting for compliance
Secure SDLC
Develop securely and deploy confidently
Offensive Security Program
Minimize risk efficiently and effectively
For Small Businesses
Pentesting for growing business needs
For IT & Information Security Teams
Explore the benefits of an offensive security platform
For DevOps Teams
Explore the benefits of continuous security testing
About
Why Cobalt
Why сustomers сhoose Cobalt
About Us
Who we are
Leadership
The minds driving our mission forward
Cobalt Core
Community of skilled, vetted security experts
Partners
Explore Cobalt's partner network
Customers
Real customer stories straight from the source
Press
Read the latest news at Cobalt
Careers
Redefine and reimagine modern offensive security
Contact Us
Connect with a team member
GigaOm Radar Report
Featured
Download
Resources
Resource Library
Rethinking offensive security
Blog
Insights from security leaders, pentesters, and developers
Events & Webinars
Explore thought-provoking security topics
InfoSec Podcast
Explore the stories of cybersecurity experts
State of Pentesting Report 2024
Featured
Download
login
get started
Read Report
Platform
Cobalt Platform
Modern offensive security platform
Dynamic Application Security Testing
Automated application security scanning
Pricing
Explore the flexible Cobalt credit model
Services
Application Security
Secure your apps without slowing down development
Application Pentest
Secure Code Review
LLM Pentest
Network Security
Protect systems and data with offensive security
Network Pentest
Red Teaming
Cloud Security
Secure your cloud infrastructure
Brand Protection
Safeguard your reputation
Digital Risk Assessment
Social Engineering
Device Security
Secure your devices from threats
Device Hardening
IoT Testing
Solutions
PtaaS
On-demand Pentesting as a Service
Goal-Based Pentest
Simulated attack to test your security defenses
Compliance
Comprehensive pentesting for compliance
Secure SDLC
Develop securely and deploy confidently
Offensive Security Program
Minimize risk efficiently and effectively
For Small Businesses
Pentesting for growing business needs
For IT & Information Security Teams
Explore the benefits of an offensive security platform
For DevOps Teams
Explore the benefits of continuous security testing
About
Why Cobalt
Why сustomers сhoose Cobalt
About Us
Who we are
Leadership
The minds driving our mission forward
Cobalt Core
Community of skilled, vetted security experts
Partners
Explore Cobalt's partner network
Customers
Real customer stories straight from the source
Press
Read the latest news at Cobalt
Careers
Redefine and reimagine modern offensive security
Contact Us
Connect with a team member
GigaOm Radar Report
Featured
Download
Resources
Resource Library
Rethinking offensive security
Blog
Insights from security leaders, pentesters, and developers
Events & Webinars
Explore thought-provoking security topics
InfoSec Podcast
Explore the stories of cybersecurity experts
State of Pentesting Report 2024
Featured
Download
login
get started
THREE PEAT
GigaOm Names Cobalt an “Outperformer” for Third Consecutive Year in Annual Radar Report for PTaaS.
Read Report
Pentester Guides (9)
Filter by Topic
Agile Pentesting
API Pentesting
Awards
Cloud Security
Cobalt Core
Compliance
Cybersecurity Insights
Cybersecurity Services
DevSecOps
Industry Breakdowns
Life at Cobalt
LLM Security
Mobile Application Pentesting
Modernizing Pentesting
NEWS
Partners
Pentester Guides
Pentester Stories
Product Updates
Web Application Pentesting
See all content
Scope Based Recon Methodology: Exploring Tactics for Smart Recon
Reconnaissance (aka Recon) is an essential process in pentesting, especially Black Box Pentesting, where you don't have...
Pentester Guides
Feb 16, 2021
Est Read Time: 10 min
Read more
A Pentester’s Guide to WebSocket Pentesting
What is WebSocket Hijacking? As OWASP states, the HTTP protocol only allows one request/response per TCP connection....
Pentester Guides
Web Application Pentesting
Feb 5, 2021
Est Read Time: 4 min
Read more
Bypassing the Protections — MFA Bypass Techniques for the Win
Multi-Factor Authentication (MFA) often known as Two-Factor Authentication (2FA) is an added layer of protection added...
Pentester Guides
Jan 27, 2021
Est Read Time: 6 min
Read more
A Pentester’s Guide to Code Injection
Learn about code injection vulnerabilities with the Pentester’s Guide to Code Injection.
Cobalt Core
Pentester Guides
Jan 8, 2021
Est Read Time: 3 min
Read more
A Pentester's Guide to Server Side Template Injection (SSTI)
Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands on the server-side.
Cobalt Core
Pentester Guides
Dec 24, 2020
Est Read Time: 3 min
Read more
A Pentester’s Guide to Command Injection
Get expert insights with a command injection tutorial with insights from pentesting experts at Cobalt, a Pentest as a Service (PtaaS) provider.
Pentester Guides
Dec 11, 2020
Est Read Time: 3 min
Read more
How to Execute an XML External Entity Injection (XXE)
What's XXE? An XML External Entity vulnerability is a type of attack against an application that parses XML input. This...
Pentester Guides
Nov 26, 2020
Est Read Time: 4 min
Read more
A Pentester’s Guide to Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application...
Pentester Guides
Nov 13, 2020
Est Read Time: 4 min
Read more
A Pentester’s Guide to Cross-Site Scripting (XSS)
Examine a common security vulnerability, Cross-Site Scripting (XSS).
Pentester Guides
Oct 30, 2020
Est Read Time: 8 min
Read more
7
8
9
10
11
.svg){kind=icon}
.svg){kind=icon}
