Pentesting Engagement

Cyber attackers are relentless. They're constantly on the hunt for weaknesses, particularly in enterprise software that stores critical data. Take HPE StoreOnce, for example, a widely used backup solu...

In today’s digital age, where businesses continually grapple with cyber threats, executives must make informed decisions about securing their assets. Many organizations, eager to enhance cybersecurity...

In today's digital age, web applications form the backbone of many businesses, providing critical services and user interactions. As such, the security of these applications is paramount. Frameworks l...

Unlock the secrets of cybersecurity with these top free tools for effective penetration testing, ensuring your systems are secure without breaking the bank....

Understanding the differences between internal and external penetration testing is crucial for safeguarding your enterprise against cyber threats. Learn which type is suitable for your business and ho...

In the rapidly evolving landscape of cybersecurity, understanding the different types of penetration tests is crucial for safeguarding your digital assets....

Penetration testing is often seen as a high-stakes, challenging career, but how tough is it really to break into and succeed in this field?...

Privilege escalation is a type of cyber-attack where an attacker gains elevated access to resources that are normally protected from an application or user. In the context of lead generation platforms...

Imagine organizing an event with hundreds of attendees, all trusting your platform to keep their personal information safe. Now, imagine if that information, including names and contact details, could...

Penetration testing is a crucial part of any business’s security strategy, but it’s important to understand how much it should cost and what you’re actually paying for. Let’s explore the typical prici...

As organizations continue to adopt modern web technologies, the need for securing web applications becomes more critical than ever. One of the rapidly growing frameworks for building interactive web a...

During a pentesting engagement at CyberAR, I discovered an open redirect vulnerability on the login page that I was able to escalate to an account takeover. In this write-up, I’ll explain how I achiev...

In today’s digital age, secure user authentication is paramount to protect sensitive information and maintain user trust. However, during a recent web application penetration test, I uncovered a criti...

During a penetration testing engagement with CyberAr, I focused on examining the security of a cloud service’s advanced features. I discovered a Server-Side Request Forgery (SSRF) vulnerability that a...

During a recent penetration testing engagement at CyberAR, we uncovered a seemingly simple yet critically impactful vulnerability in a platform designed to sync WhatsApp with CRM systems. This platfor...

Preparing for a penetration test is a crucial step in securing your business. In this guide, we’ll explain how to prepare for a penetration test, helping you ensure your systems are ready to face any ...

Imagine the consequences of 390,000 user accounts compromised in a matter of seconds — data exposure, financial loss, and reputational damage that could take years to recover from. This was the realit...

While performing a pentesting engagement with CyberAR on a cloud solutions web application, I chained a vulnerability and a weird function to reach a critical impact....

While conducting web application testing, I focused on the email and password update sections, particularly the email update functionality. This feature is crucial as it contains a critical vulnerabil...

Understanding 0-click account takeover (ATO) via Google Authentication is crucial for maintaining your online security. This type of attack allows hackers to gain access to your accounts without any a...