Alto Security Testing

this source code conduct with fully vulnerabilities, this source code we intentionally made that condition for learning about vulnerabilities and security flaws

This interview test process will be conducted in 4 step

1. Manual Security Code Review (time 60 minutes)
2. CTF(Capture The Flag) (time 30 minutes)
3. Application Penetration Testing (time 30 minutes)
4. Final Interview (time 30 minutes)

1. Security Code Review Testing

Goal of this testing is to know the level of analisys and problem solving skill of the candidate in code development area

Getting Started With Manual Security Code Review

1. create acount and clone the repo
2. please find the vulnerabilities inside this repo
3. please command in the code and give the reason why that code is vulnerable? what is type of vulnerabilities?
4. please give the solution of that vulnerabilities
5. after finish the code review and the you come out with the solution please push the code with your branch
6. branch format "alto_test-dd-mm-yy_candidatename" example: alto_test-16-03-20_sandyardiansyah

plus point:

• can runing the code with the local database
• can demo it the vulnerabilities

2. CTF(Capture The Flag)

Goal of this testing is to know the level of analisys skill of the candidate in security hole of aplication

Getting Started With CTF(Capture The Flag) Testing

please find username and password of the application the url will provide by interviewer

3. Application Pentest

Goal of this testing is to know the level of Penetration Testing skill of the candidate

Getting Started With Application Penetration Testing

please find the vulnerabilities and exploit that vulnerabilities

4. Final Interview

Goal of this testing is to know the caracter of the candidate