Hack HeroX Challenge

Hack HeroX Challenge

Calling all hackers, we are looking for security experts to test our platform for web application frontend and backend vulnerabilities.
Judging Closed

Challenge Overview


A penetration test, also known as a pen test, is an authorized simulated cyber attack on a computer system, performed to evaluate the security of the system. The test is performed to identify both weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.

During traditional penetration tests, companies source and hire expert freelancers or organizations to perform the security tests necessary for annual compliance with internal security protocols. At HeroX, we have decided to apply crowdsourcing to our regular security evaluations via an incentivized competition model.

If you are qualified and interested in participating in our pen test, visit the Guidelines Tab for more information.

Updates 3

Challenge Updates

One Week Left to Hack HeroX!

May 14, 2019, 9:39 a.m. PDT by MacKenzie Richter

Greetings Hackers, 

You have one week left to submit for Phase II of the Hack HeroX Challenge. The submission deadline is on May 21, 2019 at 11:59 p.m. CDT. 

If you missed the deadline for Phase I, you can still submit a Request to Participate. We will review your request and, if eligible, send you access credentials immediately so that you have time to participate before the Phase II deadline. 

As a reminder, for Phase II you only need to choose 1 test from the list below to conduct your tests and submit preliminary findings.

List of Tests

  1. Cross-Site Scripting (XSS)
  2. SQL Injection
  3. Sensitive Data Exposure
  4. Broken Access Control
  5. Security Misconfiguration
  6. Broken Authentication

Please let us know if you have any questions. 



Only 2 Hours Left!

May 7, 2019, 7:59 p.m. PDT by MacKenzie Richter


Now is your chance to request to participate in the 2-week Hack HeroX Challenge to win $2,500. 

We hope you will Accept the Challenge within the next 2 hours!



At the conclusion of Phase III, each of the 5 Finalists will receive a cash prize:

  • First Place: $2,500
  • Second Place: $1,500
  • Third Place: $1,000
  • Fourth Place: $500
  • Fifth Place: $500




Only 8 Hours Left!

May 7, 2019, 1:59 p.m. PDT by MacKenzie Richter

Greetings Hackers, 

If you're still debating whether to apply to the Hack HeroX Challenge, today is your last chance!

Pro Tip: HeroX recommends that you submit ideas at least three hours before the deadline. Last-minute technical problems and unforeseen roadblocks have been the cause of many un-submitted entries. Don’t let that happen to you!


Phase I is only a request to participate, so it shouldn't take too long to complete -  

As a reminder, see the Challenge Structure below.


Phase I: April 1st - May 7th, 2019 at 11:59pm CDT

  • Hackers submit a Request to Participate
  • All verified hackers will advance to Phase II

Phase II: May 7th - 21st, 2019

  • All approved hackers will be given a list of penetration tests and the necessary credentials to access the in-scope elements of our platform
  • Hackers will choose 1 test from the List of 6 Tests to conduct and submit preliminary findings
  • 5 Finalists will be selected to advance to Phase III

Phase III: May 28th - June 11th, 2019

  • 5 Finalists will be eligible to conduct the remaining 5 tests from the List of Tests, and complete list of approved penetration tests in-scope with the Challenge
  • Hackers will submit all final deliverables including all detected, in-scope platform vulnerabilities
  • All 5 Finalists will earn a cash prize to honor their time commitment to Phase III


Happy Hacking!


Forum 2
Community 81