saahieb
33rd place
5200 points
Awards
Hint 1
hints
Hint for Activity data
0
Hint 9
hints
Hint for External Storage
0
Hint 2
hints
Hint for HTTP Traffic
0
Solves
| Challenge | Category | Value | Time |
| SHA1 | Hashing | 100 | |
| MD5 | Hashing | 100 | |
| Activity data | Insecure Data Storage | 100 | |
| External Storage | Insecure Data Storage | 100 | |
| Internal Storage | Insecure Data Storage | 100 | |
| Shared Preferences | Insecure Data Storage | 100 | |
| GPS Location | Device ID | 100 | |
| SQLite Databases (Unencrypted) | Insecure Data Storage | 100 | |
| SQL Injection | Content Providers | 100 | |
| File System Expose | Content Providers | 100 | |
| Caesar Cipher | Encryption | 100 | |
| Network Operator Name | Emulator detection | 100 | |
| RW System | Root Detection | 100 | |
| Su Binary | Root Detection | 100 | |
| Dangerous Props | Root Detection | 100 | |
| 2FA - OTP Brute-Force 2 | Authentication | 100 | |
| 2FA - OTP Brute-Force | Authentication | 100 | |
| SSTI | Web Application | 100 | |
| JSON to XXE (Blind) | Web Application | 100 | |
| XXE | Web Application | 100 | |
| RIA Cross Domain Policy | Web Application | 100 | |
| XPATH Injection | Web Application | 100 | |
| Unrestricted File Upload | Web Application | 100 | |
| RFI | Web Application | 100 | |
| S3 bucket misconfiguration | Web Application | 100 | |
| Insecure Direct Object Reference | Web Application | 100 | |
| Old Backup Files | Web Application | 100 | |
| Metafiles - Info Leakage | Web Application | 100 | |
| Review comment and Metadata | Web Application | 100 | |
| Default Credentials | Web Application | 100 | |
| SSRF | Web Application | 100 | |
| REST API HTTP Methods | Web Application | 100 | |
| Guessable Session ID | Web Application | 100 | |
| JWT Misconfiguration | Web Application | 100 | |
| OTP Bruteforce | Web Application | 100 | |
| User Password Enumeration | Web Application | 100 | |
| Client Side Validation Bypass | Web Application | 100 | |
| Server Fingerprint | Web Application | 100 | |
| JavaScript - Info leak | Web Application | 100 | |
| Encoding - Hashing | Web Application | 100 | |
| Login bypass | Web Application | 100 | |
| Bruteforce | Web Application | 100 | |
| HTML5 Controls | Web Application | 100 | |
| Web Socket Secure (WSS) | WebSocket Traffic | 100 | |
| Informational Logs | Logs | 100 | |
| WTF Logs | Logs | 100 | |
| Verbose Logs | Logs | 100 | |
| Debug Logs | Logs | 100 | |
| Warnings Logs | Logs | 100 | |
| Error Logs | Logs | 100 | |
| HTTPS Traffic | HTTP Traffic | 100 | |
| HTTP Traffic | HTTP Traffic | 100 | |
| Sanity Check Flag | Sanity Check | 0 |