PentesterLab

We’re Moving Our Blog Back Home!

We’re excited to announce that PentesterLab is moving its blog from Medium back to our own website!

Why We’re Moving

• More Control: We want full control over our content and how it’s presented.

The Power of Scripting in Web Hacking

In web hacking, scripting is a key skill that separates good hackers from great ones. If you…

6 Questions to Ask When Interviewing for an AppSec Role

Don’t Let Tools Spoil Your Hacking Education

In the world of hacking, the right tools can make all the difference. However…

Beating the code review plateaux

In every field, people eventually hit plateaux in their progression. Security code review is no…

Interview with Ryan Montgomery aka 0day

Tell me a bit more about yourself?

Exploring Algorithm Confusion Attacks on JWT: Exploiting ECDSA

JSON Web Tokens (JWT) are widely used for authentication in modern applications. As their use increases, so does the importance of understanding common attacks against them, such as algorithm confusion attacks. For a long…

A strategy to land your first pentest job

In this blog post, we are going to cover a strategy to help you get a job as a…