Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.



411 University St, Seattle, USA


+1 -800-456-478-23

Web Application Security Testing
authentication bypass vulnerability

CakePHP Application Cybersecurity Research – Forgotten Endpoint: Authentication bypass with /open prefix

Web applications are often the first target for attackers due to the vast amount of sensitive information they contain. Ensuring the security of these applications is crucial to protect both users and businesses from potential cyber threats. One of the most effective ways to identify vulnerabilities in web applications is through web application penetration testing. […]

Web Application Security Testing
open source vulnerability scanner

CakePHP Application Cybersecurity Research – Be Careful with Reflections For Your Web Application Security

Web application security is a critical aspect of maintaining secure and reliable online services. One of the most commonly exploited vulnerabilities in web applications is reflected Cross-Site Scripting (XSS). This article will explore this vulnerability, a real-life example reflected XSS Dawid found in Cerebrate, its impact, and how to protect your site from this threat. […]

Web Application Security Testing
xss protection

CakePHP Application Cybersecurity Research – Protect Your Website from Stored XSS Attacks: Understanding and Preventing Vulnerabilities in Open-source Applications

Stored Cross-Site Scripting (XSS) are relatively common and dangerous vulnerabilities that can compromise your web application’s security. In this article, we will discuss what stored XSS attacks are, their impact on website security, and stored XSS protection in web applications with examples of stored XSS vulnerability we found in MISP. In this article you will […]

Web Application Security Testing
white box testing example

CakePHP Application Cybersecurity Research – Exploring the PHAR Deserialization PHP Vulnerability: A White Box Testing Example

In this article, we are going to explore the topic of PHAR deserialization php vulnerability that Dawid found in a white box testing. Before we continue, let’s talk about PHAR a little bit and after that what is the PHAR deserialization php vulnerability. In this article you will find: What is PHAR? PHP Archive (in […]

Web Application Security Testing
web application security

CakePHP Application Cybersecurity Research – The Impact of a PHP Vulnerability: Exploring the Password Confirmation Bypass in MISP

In this article As someone who tests web application security cautiously, Dawid discovered a vulnerability in MISP, a popular open-source platform for sharing and analyzing threat information. This vulnerability allows an attacker to bypass password confirmation and change sensitive information without proper authorization. In this article, I’ll explain the technical details of this PHP vulnerability […]

Web Application Security Testing
sql injection test

CakePHP Application Cybersecurity Research – Hiding in Plain Sight: The Hidden Danger of SQL Injection in Input Field Names

In this article you will find: Web applications have become an integral part of modern-day businesses, and with the increase in their usage, web security has become a significant concern. Among the various security threats, SQL injection is a severe vulnerability that can lead to the exposure of sensitive data and even the compromise of […]

Web Application Security Testing
vulnerability scanning

CakePHP Application Cybersecurity Research – Bypassing security mechanisms in CakePHP vulnerability scanning

Vulnerability Scanning of CakePHP Applications If you want to perform vulnerability scanning of your CakePHP-based web application, you have to make sure to correctly configure your scanner. Otherwise, it won’t be effective and you will get a false sense of security because it won’t find web application vulnerabilities. For a CakePHP-based web application, it may […]

Web Application Security Testing
web application scanner

CakePHP Application Cybersecurity Research – Attack surface in CakePHP web application penetration testing

Improve your web application scanner by understanding the attack surface Understanding the attack surface of the web application is a very important step while conducting cybersecurity research or penetration testing. Even if you are running a web application scanner as part of DAST activities, knowing the attack surface will help you cover more functionality of […]

Web Application Security Testing

CakePHP Application Cybersecurity Research – White box penetration testing in action

Cybersecurity research and web application penetration testing in one Performing web application penetration testing is a very good approach to improve the web application security. The most common type of web application penetration testing is a black box model where the team conducting the test knows very little about the target web application. This makes […]