saahieb
33rd place
5200 points
Awards
Hint 1
hints
Hint for Activity data
0
Hint 9
hints
Hint for External Storage
0
Hint 2
hints
Hint for HTTP Traffic
0
Solves
Challenge | Category | Value | Time |
SHA1 | Hashing | 100 | |
MD5 | Hashing | 100 | |
Activity data | Insecure Data Storage | 100 | |
External Storage | Insecure Data Storage | 100 | |
Internal Storage | Insecure Data Storage | 100 | |
Shared Preferences | Insecure Data Storage | 100 | |
GPS Location | Device ID | 100 | |
SQLite Databases (Unencrypted) | Insecure Data Storage | 100 | |
SQL Injection | Content Providers | 100 | |
File System Expose | Content Providers | 100 | |
Caesar Cipher | Encryption | 100 | |
Network Operator Name | Emulator detection | 100 | |
RW System | Root Detection | 100 | |
Su Binary | Root Detection | 100 | |
Dangerous Props | Root Detection | 100 | |
2FA - OTP Brute-Force 2 | Authentication | 100 | |
2FA - OTP Brute-Force | Authentication | 100 | |
SSTI | Web Application | 100 | |
JSON to XXE (Blind) | Web Application | 100 | |
XXE | Web Application | 100 | |
RIA Cross Domain Policy | Web Application | 100 | |
XPATH Injection | Web Application | 100 | |
Unrestricted File Upload | Web Application | 100 | |
RFI | Web Application | 100 | |
S3 bucket misconfiguration | Web Application | 100 | |
Insecure Direct Object Reference | Web Application | 100 | |
Old Backup Files | Web Application | 100 | |
Metafiles - Info Leakage | Web Application | 100 | |
Review comment and Metadata | Web Application | 100 | |
Default Credentials | Web Application | 100 | |
SSRF | Web Application | 100 | |
REST API HTTP Methods | Web Application | 100 | |
Guessable Session ID | Web Application | 100 | |
JWT Misconfiguration | Web Application | 100 | |
OTP Bruteforce | Web Application | 100 | |
User Password Enumeration | Web Application | 100 | |
Client Side Validation Bypass | Web Application | 100 | |
Server Fingerprint | Web Application | 100 | |
JavaScript - Info leak | Web Application | 100 | |
Encoding - Hashing | Web Application | 100 | |
Login bypass | Web Application | 100 | |
Bruteforce | Web Application | 100 | |
HTML5 Controls | Web Application | 100 | |
Web Socket Secure (WSS) | WebSocket Traffic | 100 | |
Informational Logs | Logs | 100 | |
WTF Logs | Logs | 100 | |
Verbose Logs | Logs | 100 | |
Debug Logs | Logs | 100 | |
Warnings Logs | Logs | 100 | |
Error Logs | Logs | 100 | |
HTTPS Traffic | HTTP Traffic | 100 | |
HTTP Traffic | HTTP Traffic | 100 | |
Sanity Check Flag | Sanity Check | 0 |