Awards
Solves
| Challenge | Category | Value | Time |
| Web Socket (WS) | WebSocket Traffic | 100 | |
| User Password Enumeration | Web Application | 100 | |
| Server Fingerprint | Web Application | 100 | |
| RIA Cross Domain Policy | Web Application | 100 | |
| REST API HTTP Methods | Web Application | 100 | |
| OTP Bruteforce | Web Application | 100 | |
| Metafiles - Info Leakage | Web Application | 100 | |
| JWT Misconfiguration | Web Application | 100 | |
| JavaScript - Info leak | Web Application | 100 | |
| Guessable Session ID | Web Application | 100 | |
| Encoding - Hashing | Web Application | 100 | |
| Default Credentials | Web Application | 100 | |
| Client Side Validation Bypass | Web Application | 100 | |
| 2FA - OTP Leakage | Authentication | 100 | |
| External Storage | Insecure Data Storage | 100 | |
| RC4 | Symmetric Encryption | 100 | |
| Blowfish | Symmetric Encryption | 100 | |
| IMEI/ESN | Device ID | 100 | |
| DES | Symmetric Encryption | 100 | |
| HTTPS Traffic | HTTP Traffic | 100 | |
| HTTP Traffic | HTTP Traffic | 100 | |
| UDP Traffic | Non-HTTP Traffic | 100 | |
| TCP Traffic | Non-HTTP Traffic | 100 | |
| Internal Storage | Insecure Data Storage | 100 | |
| Shared Preferences | Insecure Data Storage | 100 | |
| SQLite Databases (Unencrypted) | Insecure Data Storage | 100 | |
| SHA1 | Hashing | 100 | |
| MD4 | Hashing | 100 | |
| MD5 | Hashing | 100 | |
| SSAID/ANDROID_ID | Device ID | 100 | |
| Error Logs | Logs | 100 | |
| Warnings Logs | Logs | 100 | |
| Debug Logs | Logs | 100 | |
| Verbose Logs | Logs | 100 | |
| WTF Logs | Logs | 100 | |
| Informational Logs | Logs | 100 | |
| Bruteforce | Web Application | 100 | |
| QR Code | Miscellaneous | 100 | |
| Login bypass | Web Application | 100 | |
| HTML5 Controls | Web Application | 100 |