ZER0DAY

1st place

11150 points


Solves

Challenge Category Value Time
Cross-Site Scripting (XSS) - Stored Web Application Pentest 300
Broken Access Control - Admin Panel Web Application Pentest 300
Path Traversal Web Application Pentest 300
Log Analysis 1 Log Analysis 100
Log Analysis 2 Log Analysis 100
Log Analysis 3 Log Analysis 100
Log Analysis 4 Log Analysis 100
Log Analysis 5 Log Analysis 150
Server-Side Request Forgery (SSRF) Web Application Pentest 300
XML External Entity (XXE) Injection Web Application Pentest 300
SQL Injection - Login Bypass Web Application Pentest 200
Insecure Direct Object Reference (IDOR) Web Application Pentest 300
Weak Password Reset Web Application Pentest 300
Command Injection Web Application Pentest 400
Hardcoded Secret Web Application Pentest 100
Command Injection Static Code Analysis 400
Insecure Direct Object Reference (IDOR) Static Code Analysis 800
Cross-Site Request Forgery (CSRF) Static Code Analysis 700
Server-Side Request Forgery (SSRF) Static Code Analysis 600
Sensitive Data Exposure Static Code Analysis 600
Insecure Deserialization Static Code Analysis 600
XML External Entity (XXE) Static Code Analysis 500
Missing Authorization Static Code Analysis 500
Insecure Cookie Configuration Static Code Analysis 400
Missing Input Validation Static Code Analysis 400
Mass Assignment Static Code Analysis 400
Session Management Vulnerabilities Static Code Analysis 400
SQL Injection Static Code Analysis 200
Weak Random Number Generation Static Code Analysis 300
Path Traversal Static Code Analysis 300
Cross-Site Scripting (XSS) Static Code Analysis 300
Open Redirect Static Code Analysis 200
Weak Password Storage Static Code Analysis 200