Rules & Guidelines

• Identify and fix bugs in the code.
• Time-limited debugging rounds.
• Participants must report 15 minutes before their match.
• Judge's decision is final.
• Participants shall be solely responsible for their personal belongings and any liabilities arising during the event. The organizing committee shall not be held accountable for any loss, damage, or unforeseen circumstances affecting participants

Disqualification Criteria

• 🚫 Using unauthorized hacking tools.
• 🚫 Attacking external systems.
• 🚫 Sharing bug codes or findings mid-event.
• 🚫 Violating ethical hacking principles.

Event Format

• Participants register and receive event details and rules.
• Participants explore a simulated banking website to find vulnerabilities.
• Bugs must be reported with assigned bug codes via the designated system.
• Scores are calculated based on severity and number of bugs found.
• Winners participate in a fun cybersecurity quiz (non-scoring).

Scoring System

• 🚨 SQL Injection - 100 Points
• 🔓 Unauthorized Access - 80 Points
• ⏳ Session Management Exploits - 70 Points
• 📷 Missing Content - 50 Points
• 🔗 Broken Links - 30 Points
• 📝 Spelling Errors - 10 Points

Winning Criteria

• The participant with the highest total points wins.
• If scores are tied, the participant who found the most critical bugs wins.
• Bugs must be reported within the 30-minute time limit.
• Only correctly reported bug codes will be counted.