Monstrocity: Rampage is a mobile building and management game, developed by the team at Alpha Dog Games. We were contracted to conduct testing on Monstrocity under our Black Box testing services, which emulates a real-world approach to hacking. Our goal was to identify any and all vulnerabilities and secure them against any malicious actors.
As a mobile game, we had to ensure its security across iOS and Android. In addition, due to the nature of its timed building mechanic, premium currency system, and limited building slots, we ensured that none of these could be exploited to break the game’s progression.
Some of the functionalities we tested included:
- Building resources (time and resource based)
- Premium currency shop
- Builder unit limits
- After-battle reward
- Monster creation and upgrading
- Battle replay system
- Building system (location and placement)
We discovered a variety of vulnerabilities which were deemed critical by the game’s team. Following our initial testing, we were also contracted to conduct another iteration to secure a new version. On both counts of testing, we delivered comprehensive reports of our findings and advisements on how best to secure the vulnerabilities to the best security practices.