pwn.college

pwn.college is an education platform for students (and other interested parties) to learn about, and practice, core cybersecurity concepts in a hands-on fashion. In martial arts terms, it is designed to take a “white belt” in cybersecurity through the journey to becoming a “blue belt”, able to approach (simple) cybersecurity competitions (CTFs) and wargames.

The platform is maintained by an awesome team of hackers at Arizona State University. It powers much of ASU's cybersecurity curriculum, and is open, for free, to participation for interested people around the world!

Computing at its core.

pwn.college teaches cybersecurity by diving deep into the core of computing, using that journey to convey cybersecurity to the learner. This will involve melding your mind to your terminal, whispering instructions to the CPU, and strumming bits directly onto networks. That terminal cursor blinking above? It will be your stalwart companion through this adventure as you practice and, eventually, make perfect.

Enjoy your journey! If you have comments, suggestions, and feedback, please email us at pwn@pwn.college!

Ground Rules

The challenges created for pwn.college are, first and foremost, educational material, and are used to grade students at universities around the world. Because of this, we would appreciate that you do not post writeups, walkthrough videos, and livestreams of challenge solutions to the internet. Obviously, we can’t enforce this, but we worked hard to make all of this public, and we would appreciate your help in keeping pwn.college a viable educational platform.

Roadshow

• Getting Started

  😀

  
  3 Modules
  17 Challenges
  

• Python

  🐍

  
  8 Modules
  37 Challenges
  

Want to add your dojo to the fray? Create it here!

After pwn.college

Eventually, hackers continue their journey beyond pwn.college, becoming certain in their skills, achieving brown belt status (and able to, for example, usefully contribute to the cybersecurity industry and academia), before finally graduating to hacking masters: black belts. But this, unfortunately, must happen outside of the dojo (for now!). Some suggestions:

Capture The Flags (CTFs) are a great way to practice your hacking skills in a fun and ethical way. The most popular way to find upcoming events is at https://ctftime.org. There is also a list of introductory CTFs here. If you are at ASU, feel free to check out and join ASU’s enigmatic hacking club.

Wargames are another great way to practice your hacking skills. Whereas CTFs are short (normally 48 hour) events, wargames are not time-based. You can find a list of wargames at https://github.com/zardus/wargame-nexus.

There are many other awesome learning platforms, such as CryptoHack and OST2 that will help teach you explore new topics!

If you want to get involved with cybersecurity research, but don’t know how, consider joining us for an internship at ASU.

Contributing

The infrastructure powering pwn.college is open source, and we welcome pull requests and issues. Some of the modules are closed-source, because they include source code and solution scripts, but others can be found on github. If you are an educator, or otherwise someone we trust, and are interested in collaborating on the modules themselves, please email us at pwn@pwn.college. Likewise, drop us a line if you are interested in collaborating on the slides!

Greetz

Team work makes the dream work, and the team behind pwn.college is full of dreamers! They are:

• Zardus (Yan Shoshitaishvili) originated the idea, created the initial prototype and many of the challenges, and continues to cajole everyone else into a shared vision!
• kanak (Connor Nelson) made the mistake of signing up to TA an “easy A” course and quickly found himself reimplementing Yan’s insane code into the amazing dojo you see today, along with the creation of many challenges.
• robwaz (Robert Wasinger) for the creation of the Software Exploitation dojo.
• Adam Doupe for helping in the brainstorming of the initial concept and helping develop the pwn.college platform.
• mahaloz (Zion Basque) for contributing ROP challenges and embryoasm to pwn.college.
• Erik Trickel for helping in the development of pedagogical concepts underlying pwn.college.
• redgate, for contributing to embryoasm.
• Pascal-0x90, for contributing to embryoasm.
• frqmod, for contributing embryogdb.
• kylebot, for contributing babyfmt, Kernel Exploitation, and the inaugural Quarterly Quiz!
• ramen, for contributing babyfile.
• zolutal, for contributing babyarch.
• spencerpogo, for contributing Windows support.
• sinamhdv for contributing V8 Exploitation.

Resource Index

We use a lot of different resources and platforms. Here they are!