Challenges: WAFs, Account Lockouts, and API Docs

In this episode, Spencer and Darrius go "behind the hack" and discuss what life is like behind the keyboard of a web application penetration tester. They discuss various parts of a web app penetration test such as planning and preparation, execution, and post-exploitation as well as common challenges throughout the way.

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov

Follow Spencer on social ⬇
Spencer's Links: https://go.spenceralessi.com/links

Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.