BlackRock Coding Challenges

BlackRock is the world’s largest asset manager & they love supporting hackers. This season, we’re teaming up to run fun coding challenges at MLH hackathons all across Europe. Put your skills to the test by solving these fun puzzles!

Blackrock ctf 06

Ruby, Python, JavaScript, Algorithms

Fishing for a Job

A few days ago you saw an opening for a software engineering role at your favorite startup – the Daily D'eel. You took the bait and decided to apply. Now it's time to take on their coding challenge to see if you'd sink or swim on the job!

Blackrock challenge 1

APIs, JavaScript, Web Development

No REST For The Weary

Start your adventure as a software engineer at the Daily D'eel by investigating a bug on the website. This task will put your knowledge of HTML, JavaScript, and APIs to the test! Are you up for it?

Blackrock challenge 2

Test Driven Development, Ruby

Testing Your Mettle

Now that you’ve figured out how the Daily D’eel feed works, your next challenge is to fix the bug. Since you’re a savvy developer, you’ve already written unit tests for all of your code. These tests are currently failing due to the bug in your team’s code so you’ll need to fix both the bug and your tests to get them all to pass.

Blackrock challenge 3

Git, Version Control

Git It Together

You’ve corrected the bug in your application and now all of your tests pass! Since everything is awesome and you’re part of a team, you’ll now need to check your code into a version control system. Daily D’eel uses git, so your next challenge is to commit your code to the main repository.

Server logs

Unix, Server Logs

All A-Log The Watchtower

You've received a report that an administrator account for the Daily D'eel website was compromised. Investigate the report by reviewing the access logs for suspicious activity. If you do find something, it may tell you how the account was compromised in the first place!


Security, SQL

Little Bobby Tables

Your research confirmed that an attacker really did compromise an administrator account on the Daily D'eel website. You reset the password to lock them out temporarily, but now you need to secure the system to prevent it from happening again. See if you can recreate the attacker's method and expose the administrator password.