Recommended blog posts
You might be interested in the following related posts.
An OffSec Exploitation Expert review
An interview with members of our hacking team
What is invisible to some hackers is visible to others
There's not an only way but here's a good one
An OffSec Experienced Pentester review
Injecting JS into one site is harmful, into all, lethal
A Certified Red Team Lead (CRTL) Review
So it's the app itself that delivers the cookie to me?