Hack the Box Competition
Authorized Target Space: 18.104.22.168
Rules of Engagement (ROE) click HERE
Are you looking to put your skills to the test against a real-world system? Think you can guide your way through a cyber kill chain and exploitation? Take a crack at a public facing web application and help Company X pen test it! Some high-level security has been added, so try and gain access in! As a bonus, there are some opportunities for TCP/IP stack tests, telephone event attacks and SQL injection.
We encourage an after-action report of your methods and what worked to get in and what your process was. These reports not only allow you to showcase your talents and techniques in a professional way but allows for Company X to scrutinize how its web application security holds up to various threats.
As a winner, you will have the opportunity for cool swag and the chance for the real company to meet with you!
The rules are simple. All methods of attack are viable except for phishing and social engineering and DOS. The only site under test is the one that will be provided in the Rules of Engagement. No other company domains if found, are permitted to be attacked. Find the site, get in, stay in, agree to ROE, and read scope, then change or knock down whatever you can and let us know! Pen Testers unite, let’s have a great hack-tivity on a real site.
You can find the webcast recording on our YouTube Channel
Click HERE for an Assessment Template for your write-up submission.
SUBMIT your write-up HERE
SIGN UP FOR email UPDATES HERE
Agent X: firstname.lastname@example.org
Gus Hinojosa, Executive Director, Student Association: email@example.com