pwn.college

pwn.college is an education platform for students (and other interested parties) to learn about, and practice, core cybersecurity concepts in a hands-on fashion. In martial arts terms, it is designed to take a “white belt” in cybersecurity through the journey to becoming a “blue belt”, able to approach (simple) cybersecurity competitions (CTFs) and wargames.

The platform is maintained by an awesome team of hackers at Arizona State University. It powers much of ASU's cybersecurity curriculum, and is open, for free, to participation for interested people around the world!

Computing at its core.

pwn.college teaches cybersecurity by diving deep into the core of computing, using that journey to convey cybersecurity to the learner. This will involve melding your mind to your terminal, whispering instructions to the CPU, and strumming bits directly onto networks. That terminal cursor blinking above? It will be your stalwart companion through this adventure as you practice and, eventually, make perfect.

Enjoy your journey! If you have comments, suggestions, and feedback, please email us at pwn@pwn.college!

Ground Rules

The challenges created for pwn.college are, first and foremost, educational material, and are used to grade students at universities around the world. Because of this, we would appreciate that you do not post writeups, walkthrough videos, and livestreams of challenge solutions to the internet. Obviously, we can’t enforce this, but we worked hard to make all of this public, and we would appreciate your help in keeping pwn.college a viable educational platform.

Getting Started — Learn the Basics!

The material on pwn.college is split into a number of "dojos", with each dojo typically covering a high-level topic. These first few dojos are designed to help you Get Started with the platform. Start here before venturing onwards!

Note: if you run into problems with concepts and challenges, you can get help on our discord server. The discord is also a great place to chat with other aspiring hackers!

• Getting Started

  

  15 Hacking
  2 Modules
  10 Challenges
  

• Linux Luminarium

  🐧

  52 Hacking
  12 Modules
  84 Challenges
  

• Computing 101

  💻

  55 Hacking
  7 Modules
  69 Challenges
  

• Playing With Programs

  🔤

  35 Hacking
  5 Modules
  255 Challenges
  

After completing the dojos above, dive into the Core Material below!

Core Material — Earn Your Belts!

These dojos form the official pwn.college curriculum, taking you on a curated journey through the art of hacking. As you progress and build your skills, like in a martial art, you will earn belts for completing dojo after dojo.

The material is designed to be tackled in order. We won't stop you from jumping around if you want (and have the requisite skills), but you must earn belts sequentially.

• Intro to Cybersecurity

  

  62 Hacking
  7 Modules
  181 Challenges
  

• Program Security

  

  39 Hacking
  6 Modules
  161 Challenges
  

• System Security

  

  10 Hacking
  6 Modules
  93 Challenges
  

• Software Exploitation

  

  6 Hacking
  6 Modules
  103 Challenges
  

After completing the dojos above, not only will you be added to the belts page, but we will send you actual pwn.college-embroidered belts!

To get your belt, send us an email from the email address associated with your pwn.college account. We’ll then get your belt over to you (eventually)! Note that, due to logistical challenges, we're currently only shipping belts to hackers after they earn their blue belt. Until then, we will belt you in person, at ASU or some security conference.

Community Material — Earn Badges!

No matter how much material we create, there is always more to learn! This section contains additional dojos created by the pwn.college community. Some are designed to be tackled after you complete the dojos above, whereas others are open to anyone interested in more specialized topics.

Completing these dojos will grant you emoji badges!

• pwn.college Archives

  📘

  
  4 Modules
  43 Challenges
  

• ACSAC 2024 CTF

  🌴

  
  1 Module
  11 Challenges
  

• ARM Architecture

  🦾

  1 Hacking
  2 Modules
  28 Challenges
  

• CTF Archive

  🏁

  2 Hacking
  79 Modules
  645 Challenges
  

• The Quarterly Quiz

  📝

  1 Hacking
  2 Modules
  13 Challenges
  

• Windows Warzone

  🪟

  
  2 Modules
  17 Challenges
  

• Arizona CTF 2025

  🔱

  
  5 Modules
  23 Challenges
  

• Cryptomania

  
  1 Module
  6 Challenges
  

• Desert CodeSprouts

  💡

  
  3 Modules
  7 Challenges
  

• Hacker History

  🧙

  
  2 Modules
  8 Challenges
  

• Hanto Dojo

  🐍

  
  5 Modules
  33 Challenges
  

• Honors Dojo

  ⌨

  
  1 Module
  6 Challenges
  

• Hunter Dojo

  🗿

  1 Hacking
  1 Module
  4 Challenges
  

• Hydra Dojo

  🐉

  
  1 Module
  7 Challenges
  

• Kalevala

  🐻

  1 Hacking
  3 Modules
  18 Challenges
  

• Linux Lunacy

  
  2 Modules
  7 Challenges
  

• Pwntools Tutorials

  🏴

  2 Hacking
  1 Module
  12 Challenges
  

• The Art of the Shell

  🐚

  
  5 Modules
  51 Challenges
  

• The House Always Wins

  🎲

  
  1 Module
  9 Challenges
  

• Westworld Dojo

  🤖

  
  1 Module
  2 Challenges
  

The Courses — Earning Credit

We leverage the above material to run a number of courses on this platform. For the most part, these courses import the above material, though some might introduce new concepts and challenges.

• CSE 365 - 2025 Summer

  10 Hacking
  20 Modules
  485 Challenges
  

• CSE 365 - Spring 2025

  1 Hacking
  20 Modules
  493 Challenges
  

• CSE 466 - Fall 2024

  1 Hacking
  11 Modules
  228 Challenges
  

• CSE 539 - Spring 2025

  
  7 Modules
  44 Challenges
  

• CSE 598 - Spring 2025

  
  7 Modules
  107 Challenges
  

• CSE 598 AVR - Fall 2024

  
  7 Modules
  62 Challenges
  

Want to use pwn.college in your course? No problem! You can use the videos and slides of pwn.college lectures freely for non-commercial purposes, but please provide attribution! Additionally, if you use pwn.college in your own education program, we would appreciate it if you email us to let us know. Evidence of wide-spread use of pwn.college for education will be a huge help for our various academic careers!

EDUCATORS: If you are an educational institution and are using pwn.college as part of a class, you can import our challenges (or add your own) into your own private dojo for your students! Create your dojo here.

CONFERENCES: If you are running a conference and would like pwn.college presence there (as a form of intense weekend-long training), please email us!

Your Own Dojos — Share With the World!

You can create your own dojo, either hosting your own challenges or remixing existing material! Once created, a dojo can be shared with your friends or students (providing a private scoreboard and curated experience) or made public to the world to appear in the Community Material list above!

Want to add your dojo to the fray? Create it here!

After pwn.college

Eventually, hackers continue their journey beyond pwn.college, becoming certain in their skills, achieving brown belt status (and able to, for example, usefully contribute to the cybersecurity industry and academia), before finally graduating to hacking masters: black belts. But this, unfortunately, must happen outside of the dojo (for now!). Some suggestions:

Capture The Flags (CTFs) are a great way to practice your hacking skills in a fun and ethical way. The most popular way to find upcoming events is at https://ctftime.org. There is also a list of introductory CTFs here. If you are at ASU, feel free to check out and join ASU’s enigmatic hacking club.

Wargames are another great way to practice your hacking skills. Whereas CTFs are short (normally 48 hour) events, wargames are not time-based. You can find a list of wargames at https://github.com/zardus/wargame-nexus.

There are many other awesome learning platforms, such as CryptoHack and OST2 that will help teach you explore new topics!

If you want to get involved with cybersecurity research, but don’t know how, consider joining us for an internship at ASU.

Contributing

The infrastructure powering pwn.college is open source, and we welcome pull requests and issues. Some of the modules are closed-source, because they include source code and solution scripts, but others can be found on github. If you are an educator, or otherwise someone we trust, and are interested in collaborating on the modules themselves, please email us at pwn@pwn.college. Likewise, drop us a line if you are interested in collaborating on the slides!

Greetz

Team work makes the dream work, and the team behind pwn.college is full of dreamers! They are:

• Zardus (Yan Shoshitaishvili) originated the idea, created the initial prototype and many of the challenges, and continues to cajole everyone else into a shared vision!
• kanak (Connor Nelson) made the mistake of signing up to TA an “easy A” course and quickly found himself reimplementing Yan’s insane code into the amazing dojo you see today, along with the creation of many challenges.
• robwaz (Robert Wasinger) for the creation of the Software Exploitation dojo.
• Adam Doupe for helping in the brainstorming of the initial concept and helping develop the pwn.college platform.
• mahaloz (Zion Basque) for contributing ROP challenges and embryoasm to pwn.college.
• Erik Trickel for helping in the development of pedagogical concepts underlying pwn.college.
• redgate, for contributing to embryoasm.
• Pascal-0x90, for contributing to embryoasm.
• frqmod, for contributing embryogdb.
• kylebot, for contributing babyfmt, Kernel Exploitation, and the inaugural Quarterly Quiz!
• ramen, for contributing babyfile.
• zolutal, for contributing babyarch.
• spencerpogo, for contributing Windows support.
• sinamhdv for contributing V8 Exploitation.
• smcxdeathburger, for contributing Windows Injection and Hijacking.

Resource Index

We use a lot of different resources and platforms. Here they are!