7 months ago

Public voting is now open

It's your turn to pick the Popular Choice award winner! Browse 'HTS 2k25-Hack The Shield' submission gallery, click on your favorite, and vote. Be sure to spread the word via your social networks, too!

Please note, as per the Devpost terms of service, you may not tamper with the vote process through manual or automated means, or attempt to compensate voters, at risk of disqualification. Find out more about public voting here.

Questions?

If you have any questions about the hackathon, please post on the discussion forum.

7 months ago

πŸ”₯ ROUND:03 Mini Project: β€œBuild & Secure a Vulnerable App”

⏳ Duration: 2 Days 🎯 Goal

Teams will build a small web app, intentionally add real bug bounty vulnerabilities, exploit them, and then fix them.

Required Vulnerabilities

Your app must include at least:

  1. IDOR

  2. Broken Access Control

  3. XSS (stored or reflected)

  4. Insecure File Upload

Bonus (optional):

  • Weak JWT secret

  • Sensitive data leak

  • CSRF

Required Submission

Teams must submit all of the following:

  • Vulnerable Version (Before Fix) β€”> the intentionally vulnerable app.

  • Secure Version (After Fix) β€”> patched & secured app.

  • Bug Bounty Report (Mandatory) β€”> a professional report including:

    • Bug Title

    • Vulnerability Type (IDOR/XSS/etc.)

    • Severity

    • Steps to…

Read more

7 months ago

Round 02 Begins πŸ”₯ ( Operation: Broken Web )

Operation: Broken Web

BlackHaze has breached Rivertown’s Web Command Core and left 4 vulnerable entry points.
Your mission: Exploit them, capture the flags, restore the system.

TARGETS

🟦 IDOR Breach β€” Access restricted profile & extract token.
Difficulty: β˜…β˜…β˜†β˜†

🟩 XSS Injection β€” Trigger redirect using JS payload.
Difficulty: β˜…β˜…β˜†β˜†

πŸŸ₯ SQLi Bypass β€” Break login via SQL manipulation.
Difficulty: β˜…β˜…β˜…β˜†

πŸŸͺ Admin Takeover β€” Find & breach hidden admin panel.
Difficulty: β˜…β˜…β˜…β˜…

Dive Into Operation: BrokenWeb

7 months ago

Round 01 Begins πŸ”₯ ( City of Shadows 🎩)

Rivertown is under Rocky’s control. Your mission: find the 9 hidden flags in the dataset below and submit them with your team info
πŸ“‚ Download The Dataset Find 9 Flags: Click Here
βœ… Everything is safe. Explore, investigate, and capture the flags!

Format:
1. FLAG-01 Β 
2. FLAG-02 Β 
… Β 
9. FLAG-09 Β 

Team Name: Β 
Members: Β 
Email: Β 
The city waits. Only you can topple Rocky. Good luck!