Find the latest Webinar content from the Sprocket Testing Team.
Resources Blog

Blog

Keep up to date with the latest offensive security news, knowledge, and resources.
Putting the Token Before the Cart? A Guide on E-Commerce API Pentesting
Feb 26, 2026

Putting the Token Before the Cart? A Guide on E-Commerce API Pentesting

Nate Fair
Senior Penetration Tester
Why traditional API pentests miss real commerce risk and how cart tokens, checkout flows, and cross-layer auth gaps expose customer data.
READ
What the Latest Social Engineering Attacks in Financial Services Look Like
Feb 25, 2026

What the Latest Social Engineering Attacks in Financial Services Look Like

87% of financial sector breaches involve a human element. Discover how deepfakes, spear-phishing, and pretexting are evolving and what leaders should test.
READ
LLMs Don't Follow Rules – They Follow Context
Feb 24, 2026

LLMs Don't Follow Rules – They Follow Context

Jack Willis
Software Developer
LLM behavior isn't governed by a rulebook — it emerges from context, shaped by a stack of training, fine-tuning, and runtime instructions. Understanding this explains why the same model gives radically different responses to functionally identical requests.
READ
How Cloud Migrations Expand Your Attack Surface
Feb 23, 2026

How Cloud Migrations Expand Your Attack Surface

Cloud migrations create new attack vectors security teams aren’t testing. Learn how these expand your exposure and how to close the gaps.
READ
How to See Your Perimeter the Way Attackers Do
Feb 20, 2026

How to See Your Perimeter the Way Attackers Do

Learn how attackers recon your perimeter and how to see what they see before they exploit it.
READ
Why Your Vendors Need to be in Your Testing Scope
Feb 18, 2026

Why Your Vendors Need to be in Your Testing Scope

Your pentest scope might be missing the biggest risk in your environment: your vendors. See the data and what to do about it.
READ
3 4 5 6 7