CaseBox is a flexible task, document, and record management system.

CaseBox is designed to support the needs of litigation NGOs which are looking for an integrated and web-based application to manage their caseload. CaseBox can also be provided to NGOs at a hosted “software as a service” solution, including technical support, customisations, and upgrades.

The penetration test of CaseBox was carried out by the Cure53 team over a period of 10 days in July 2014. Within the test scope, thirty vulnerabilities and weaknesses were identified and were addressed by CaseBox. The tests were carried out against the CaseBox application itself.

The full audit and summary of findings can be found below.

CaseBox Penetration Test