Wait! Before you start we recommend you have the following ready:
- Bag of tools for web application pentest
- Favourite editor/IDE
- Disasembler/debugger (I.E Ollydbg, IDA Pro)
- Wine (if on linux)
- Interception Proxy of your choice (burp, zap)
Wait wait! Here's some tips on how to do well.
- Please don't just run an automated scanning tool and give us the results. You are not going to get very
far in the challenge.
- Write the report as if you are submitting for a commercial client.