Blog
The Pentester’s Guide to AI Disruption: A 6-Part Series
Week 1: March 3 - Act I (The Crisis) March 5 - Act II, Scenes 1-3 (The Search Begins) Week 2: March 10 - Act II, Scenes 4-5 (The Gap and Realization) March 12 - Act III (The Reframe) Week 3: March 17 - Act IV, Scene 1 (The Method) March 19 - Act IV, Scene 2-3 (The...
Act I: The Crisis
Scene 1 (The Introduction) My first introduction to XBOW was a LinkedIn notification in late 2024. We're hiring at XBOW! We're on a mission to redefine offensive security through AI. The email was a LinkedIn summary. A repost from Nico Waisman. The "use after free"...
cURL for Pentesters: Part 3 – Advanced Techniques
In Part 1 and Part 2, we covered the fundamentals and intermediate techniques. Now we'll explore curl's automation capabilities through globbing, handling various authentication schemes, and learn techniques for bypassing common restrictions. These skills separate...
cURL for Pentesters: Part 2 – Cookies, Sessions, & SSL/TLS
In Part 1 of our series of curl usage, we covered the fundamentals: headers, request methods, and basic data submission. Now we'll look at some techniques that'll make you look like a curl pro. We'll be covering cookies, SSL certificate handling, and extracting only...
cURL for Pentesters: Part 1 – Master the Fundamentals
If you're new to penetration testing, curl might seem like just another command line tool in an already overwhelming toolkit. But here's the thing: curl is likely the most universally available HTTP client you'll encounter. Whether you've just compromised a Linux...