#pwnpath

No multiple choice. No videos. You write the exploit — the judge proves it worked.

scroll to see it run
attacker@pwnpath:~judge
How it works

Three steps, no multiple choice.

01

Write the exploit

Pick a concept on the roadmap, read a scenario tied to a real CVE/CWE, and write shell commands in the in-browser editor.

02

We boot a real target

The judge spins up a deliberately vulnerable Docker container and your attacker box on an isolated, no-egress network.

03

The judge proves it

Your steps run verbatim against ordered oracle stages — recon, exploit, exfil — streaming a stage-by-stage verdict with partial credit.

A curriculum that maps to the real world.

Every problem is built around a real CVE or CWE and a deliberately vulnerable target you actually break into.

21
problems
4
attack tracks
21
roadmap concepts
CWE
every problem tagged
9

Web vulnerabilities

SQLi · XSS · SSRF

6soon

Linux privesc

SUID · sudo · cron

3

Cryptography

hashing · protocols

3

Forensics & triage

PCAPs · logs · memory

Request an invite.

PwnPath is in invite-only beta while we harden the sandbox. Drop your email and we'll send a magic link when a seat opens.

magic-link or GitHub · we never ask for a password