00x?? Assignment itself - Blog website


I have built a website to publish blogs. You can find it over at https://hackxpert.com/pentest/ and I want to iron out the security flaws before we go live. The functionality is as follows:

In scope

Out of scope


The following users are available but feel free to create more:

I want you to report on any and all flaws you find, no matter how small they might be. Thank you for taking on this assignment.


The ethical hacker: Please do mail this contract of engagement, the signed NDA and a test plan to info@thexssrat.com.

The requester: Within 48 hours of receiving the signed documents in good order, the requester will send the unique environment information to the participant.

After the test is over the participant will provide:

The requesting party will provide feedback on any step of the process if required.

This constitutes a contract of engagement.

Signed:_________________________________
Name: _________________________________
Title: __________________________________
Date: ________________

RECIPIENT (The XSS Rat)
Signed:_________________________________
Name: The XSS Rat (Wesley Thijs)
Title: President / Security Engineer
Date: ________________