Your Mentor



Welcome back to FastFoodHackings!

Welcome back! We are extremely grateful for your help in the first session and have made patches & changes to our site. We'd love your help to make sure we are doing this correctly!


  • No automated tools to be used on main site AT ALL.
  • Do NOT test for rate limiting bugs.
  • Only login to accounts you own.
  • You do not need to scan for subdomains/files/directories so don't waste your time or our bandwith.

Challenge Goal

In this session we will be testing patches against a custom made live website called, FastFoodHackings. There are a variety of bugs to be found such as XSS, CSRF, account takeover, stored XSS. Can you find them all?
You can view the contents of this mentoring session by clicking the "Live Stream" tab.