CodaBox

CodaBox untangles information flows. Documents ranging from invoices to payroll documents are converted into usable data and delivered straight into the software of your choice. Whether you are an entrepreneur, an accountant, a finance manager, or a developer, CodaBox will provide easy solutions.

We were contracted by the team at CodaBox to conduct penetration tests under our Grey Box testing services. With our experience in fintech, we were well placed to ensure the security of the API integration. In addition, due to the sensitive nature of the transactions, we were there to guarantee the safety and privacy of all involved in their day-to-day operations.

We tested for a range of commonly exploited vulnerabilities, including:

  • Remote Code Execution
  • SQL Injection
  • Path traversal attacks
  • File upload vulnerabilities
  • Parameter tampering
  • Access control flaws
  • Transport layer security, Business logic, and Authentication flaws
  • SMTP, Header, and JSON Injection
  • XML Injection / Code Execution

From our testing, we discovered a number of vulnerabilities and informed the team of them. However, by design, the CodaBox system was very secure. We were impressed by the level of maturity in their security architecture. We delivered a comprehensive report of our findings, and the CodaBox team was very pleased with our recommendations, which enabled them to take their security to the next level.
