Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.

Gallery

Contacts

411 University St, Seattle, USA

engitech@oceanthemes.net

+1 -800-456-478-23

Cybersecurity
what hackers do with your data

What do Cyber Threat Actors do with your information?

In today’s digital age, the threat of data breaches is a constant concern. Hackers are becoming more sophisticated in their techniques, targeting individuals and businesses alike. The consequences of a cyberattack can be devastating, leading to financial loss, reputational damage, and even legal issues. Therefore, it is crucial to understand what hackers are planning to […]

Web Application Security Testing
AI penetration testing

As an AI Language Model, Please Have Mercy on Me

Before starting, there is one thing to clarify. This article is not about “How to use the benefits of AI language models while conducting penetration test”. This article is about “How to conduct a penetration test towards AI language models”. With that said, please do not forget business logic vulnerabilities. For example, if an AI […]

Web Application Security Testing
types of penetration testing

Black-box vs. Grey-box vs. White-box: Which Penetration Test Is Right for You?

You need to know if your company’s security controls and defenses can withstand a real cyber attack. Penetration testing is how you find out, but with three main types, black-box, grey-box, and white-box, how do you choose? Don’t worry, we’ve got you covered. Penetration tests can sound intimidating, but it’s one of the best ways […]

Web Application Security Testing
authentication bypass vulnerability

CakePHP Application Cybersecurity Research – Forgotten Endpoint: Authentication bypass with /open prefix

Web applications are often the first target for attackers due to the vast amount of sensitive information they contain. Ensuring the security of these applications is crucial to protect both users and businesses from potential cyber threats. One of the most effective ways to identify vulnerabilities in web applications is through web application penetration testing. […]

Web Application Security Testing
open source vulnerability scanner

CakePHP Application Cybersecurity Research – Be Careful with Reflections For Your Web Application Security

Web application security is a critical aspect of maintaining secure and reliable online services. One of the most commonly exploited vulnerabilities in web applications is reflected Cross-Site Scripting (XSS). This article will explore this vulnerability, a real-life example reflected XSS Dawid found in Cerebrate, its impact, and how to protect your site from this threat. […]

Web Application Security Testing
xss protection

CakePHP Application Cybersecurity Research – Protect Your Website from Stored XSS Attacks: Understanding and Preventing Vulnerabilities in Open-source Applications

Stored Cross-Site Scripting (XSS) are relatively common and dangerous vulnerabilities that can compromise your web application’s security. In this article, we will discuss what stored XSS attacks are, their impact on website security, and stored XSS protection in web applications with examples of stored XSS vulnerability we found in MISP. In this article you will […]

Web Application Security Testing
white box testing example

CakePHP Application Cybersecurity Research – Exploring the PHAR Deserialization PHP Vulnerability: A White Box Testing Example

In this article, we are going to explore the topic of PHAR deserialization php vulnerability that Dawid found in a white box testing. Before we continue, let’s talk about PHAR a little bit and after that what is the PHAR deserialization php vulnerability. In this article you will find: What is PHAR? PHP Archive (in […]

Web Application Security Testing
web application security

CakePHP Application Cybersecurity Research – The Impact of a PHP Vulnerability: Exploring the Password Confirmation Bypass in MISP

In this article As someone who tests web application security cautiously, Dawid discovered a vulnerability in MISP, a popular open-source platform for sharing and analyzing threat information. This vulnerability allows an attacker to bypass password confirmation and change sensitive information without proper authorization. In this article, I’ll explain the technical details of this PHP vulnerability […]

Web Application Security Testing
sql injection test

CakePHP Application Cybersecurity Research – Hiding in Plain Sight: The Hidden Danger of SQL Injection in Input Field Names

In this article you will find: Web applications have become an integral part of modern-day businesses, and with the increase in their usage, web security has become a significant concern. Among the various security threats, SQL injection is a severe vulnerability that can lead to the exposure of sensitive data and even the compromise of […]

Web Application Security Testing
vulnerability scanning

CakePHP Application Cybersecurity Research – Bypassing security mechanisms in CakePHP vulnerability scanning

Vulnerability Scanning of CakePHP Applications If you want to perform vulnerability scanning of your CakePHP-based web application, you have to make sure to correctly configure your scanner. Otherwise, it won’t be effective and you will get a false sense of security because it won’t find web application vulnerabilities. For a CakePHP-based web application, it may […]