Resources

Web App Assessments

Latest Web App Assessments Resources

Discovering wp-admin.php URLs in Wordpress With GravityForms

By targeting a specific endpoint and passing in a random string, GravityForms will prompt users to authenticate first. This results in the unauthenticated user being redirected to the obscured administrative login page…

Read more

cURL For The Pentester: Above & Beyond

Did you know you can interact with LDAP using cURL? How about NTLM, proxy tunneling, or domain sockets? A deep dive into some less common and advanced features of cURL, including sending POST requests with a payload… read more →

A Showcase of the Top OWASP Risks

Exploiting several Top 10 risks using the Damn Vulnerable Web Application (DVWA), as it’s expressly configured to highlight sub-optimal cybersecurity practices relevant to modern web applications. read more →

Continuous Human & Automated Security

The Expert-Driven Offensive
Security Platform

Continuously monitor your attack surface with advanced change detection. Upon change, testers and systems perform security testing. You are alerted and assisted in remediation efforts all contained in a single security application, the Sprocket Platform.

Watch Demo Request Quote

Expert-Driven Offensive Security Platform

  • Attack Surface Management
  • Continuous Penetration Testing
  • Adversary Simulations