|
Allowlist Bypass
|
Unvalidated Redirects |
700 |
|
|
Outdated Allowlist
|
Unvalidated Redirects |
100 |
|
|
Bonus Payload
|
XSS |
100 |
|
|
DOM XSS
|
XSS |
100 |
|
|
GenAI Challenge 05
|
Generative AI |
200 |
|
|
GenAI Challenge 04
|
Generative AI |
100 |
|
|
Secret Management Question 6
|
Essentials - Secret Management |
80 |
|
|
Secret Management Question 5
|
Essentials - Secret Management |
80 |
|
|
Secret Management Question 4
|
Essentials - Secret Management |
80 |
|
|
Secret Management Question 3
|
Essentials - Secret Management |
80 |
|
|
Secret Management Question 2
|
Essentials - Secret Management |
80 |
|
|
Secret Management Question 1
|
Essentials - Secret Management |
80 |
|
|
Secret Management Prerequisites
|
Essentials - Secret Management |
20 |
|
|
SSRF
|
Broken Access Control |
1350 |
|
|
Score Board
|
Miscellaneous |
100 |
|
|
Security Bugs Scenario 2
|
Essentials - Security Bugs |
80 |
|
|
Security Bugs Scenario 1
|
Essentials - Security Bugs |
80 |
|
|
Security Bugs Question 3
|
Essentials - Security Bugs |
20 |
|
|
Security Bugs Question 1
|
Essentials - Security Bugs |
20 |
|
|
Security Bugs Prerequisites
|
Essentials - Security Bugs |
20 |
|
|
Security Standards Scenario 4
|
Essentials - Security Standards |
80 |
|
|
Security Standards Scenario 3
|
Essentials - Security Standards |
80 |
|
|
Security Standards Scenario 2
|
Essentials - Security Standards |
80 |
|
|
Security Standards Scenario 1
|
Essentials - Security Standards |
80 |
|
|
Security Standards Prerequisites
|
Essentials - Security Standards |
20 |
|
|
GenAI Challenge 03
|
Generative AI |
50 |
|
|
GenAI Challenge 02
|
Generative AI |
40 |
|
|
GenAI Challenge 01
|
Generative AI |
20 |
|
|
Scenario 4 - High-Risk Deployment and Compliance
|
Essentials - Quality |
20 |
|
|
Scenario 3 - Mitigating Risk During Feature Planning
|
Essentials - Quality |
20 |
|
|
Scenario 2 - Diagnosing and Mitigating Latency Spikes in Production
|
Essentials - Quality |
20 |
|
|
Scenario 1 - Balancing Testing Investment and Feature Delivery
|
Essentials - Quality |
20 |
|
|
Data Classification Scenario 8
|
Essentials - Data Classification |
80 |
|
|
Data Classification Scenario 7
|
Essentials - Data Classification |
80 |
|
|
Data Classification Scenario 5
|
Essentials - Data Classification |
80 |
|
|
Data Classification Scenario 4
|
Essentials - Data Classification |
80 |
|
|
Data Classification Scenario 1
|
Essentials - Data Classification |
80 |
|
|
Data Classification Prerequisites
|
Essentials - Data Classification |
20 |
|
|
Login Amy
|
Sensitive Data Exposure |
450 |
|
|
Confidential Document
|
Sensitive Data Exposure |
100 |
|
|
Error Handling
|
Security Misconfiguration |
100 |
|
|
Login Admin
|
Injection |
250 |
|
|
Password Strength
|
Broken Authentication |
250 |
|
|
Easter Egg
|
Broken Access Control |
700 |
|
|
CSRF
|
Broken Access Control |
450 |
|
|
Manipulate Basket
|
Broken Access Control |
450 |
|
|
Product Tampering
|
Broken Access Control |
450 |
|
|
Login Bender
|
Injection |
450 |
|
|
Login Jim
|
Injection |
450 |
|
|
Forged Review
|
Broken Access Control |
450 |
|
|
Forged Feedback
|
Broken Access Control |
450 |
|
|
View Basket
|
Broken Access Control |
250 |
|
|
Five-Star Feedback
|
Broken Access Control |
250 |
|
|
Admin Section
|
Broken Access Control |
250 |
|