Space Punks

Space Punks is a living, evolving, online co-op action RPG space romp that was created and developed by Jagex and Flying Wild Hog. Players have the option to blaze a trail alone or team up with three fellow intergalactic thieves to form a formidable fortune-hunting foursome. 

Cyrex couldn’t wait to get our hands on this game and conduct a series of tests under our Grey Box penetration testing service.

In collaboration with Jagex and Flying Wild Hog, Cyrex’ security engineers were contracted to perform penetration and load testing on the backend and gameplay services of Space Punks.

The testing was focused to ensure the validity of the server-side security controls and the performance of both the game and the server infrastructure. We did this by ethically hacking a variety of functionalities such as:

  • Matchmaking system
  • World creation tools
  • Party management systems
  • Creation and registration of player accounts
  • Session management and authentication
  • Physics (meaning player movement and attacking)
  • In-game achievement and rewards

Results

We uncovered a variety of vulnerabilities across several services as a result of our testing. The developers identified several of them critical to high-level vulnerabilities, and we were able to secure them after our tests. Once concluded, the team at Flying Wild Hog were happy with our services, and we conducted a thorough set of sanity and regression tests once we finished testing.

“We found out that there are two benefits of cooperating with Cyrex – the quality of their work and the quality of cooperation with the team. Space Punks’ audit was thorough and gave us confidence in the security and scalability of the game. The way the team operates is a showcase of great balance between structure and flexibility.” 

Flying Wild Hog

Check out the trailer below! To find out more about our services be sure to check out our blog and portfolio.

Space Punks

Test your application's security against the best

Learn more about our penetration testing and ethical hacking for applications.