pwn.college
“pwn.college is an education platform for students (and other interested parties) to learn about, and practice, core cybersecurity concepts in a hands-on fashion. In martial arts terms, it is designed to take a “white belt” in cybersecurity through the journey to becoming a “blue belt”, able to approach (simple) cybersecurity competitions (CTFs) and wargames. Our philosophy is “practice makes perfect”.
The platform is maintained by an awesome team of hackers at Arizona State University. It powers much of ASU’s cybersecurity curriculum, and is open, for free, to participation for interested people around the world!”
Because this material is used to assess and grade students, they ask folks not to post write-ups and I intend on honoring that request - especially as this material is free. Instead, what I hope to do is keep a sort of log of the core skills each belt covers. That way I can track my skill gains here while still honoring their wishes.
Core Material - Belts
The main material is organized into belt ranks, each with their own theme. The White Belt is totally centered on learning how to use the pwn.college interface. The Luminarium covers fundamentals of using the Linux and the Linux command line interface. It’s meant to be very introductory, and as excited as I am for some of the later material, a review of basics to fill any gaps that may have unknowingly appeared would be good for me. The Refreshers are rather comprehensive foundations for the rest of the material - covering topics such as program misuse and interaction, assembly language, and debugging. The Orange Belt handles topics like web servers, web security, intercepting communication, and cryptography. The Yellow Belt goes into topics like shellcode injection, reverse engineering, errors, and program exploitation. The Green Belt goes into more advanced areas like sandboxing, race conditions, kernel security, and more advanced system exploitation. The final belt - the Blue Belt - covers areas like return oriented programming, format strings, file struct exploits, misuse of the dynamic allocator, primitives, microarchitecture, and more on kernel exploitation.
| Belt | Topic | Modules | Challenges | Running Total |
|---|---|---|---|---|
| White | Getting Started | 2 | 10 | 10 |
| Linux Luminarium | Linux | 12 | 84 | 94 |
| Optional Refreshers | Various | 4 | 228 | 322 |
| Orange | Cybersecurity Intro | 6 | 124 | 446 |
| Yellow | Program Security | 4 | 110 | 556 |
| Green | System Security | 5 | 80 | 636 |
| Blue | Software Exploitation | 8 | 173 | 809 |
With 809 challenges, there’s a lot of material to learn. Even at 3 challenges per day without ever missing a day it would take ~270 days to complete it all. If I start today on that schedule today, it would take me through mid-June to complete it all.
Community Material - Badges
If that wasn’t enough, the community has also developed additional content, and the pwn.college platform has provided us with the opportunity to earn badges to show our completion of the community dojos. In total, there are 682 additional challenges, meaning at the same hypothetical rate of 3 challenges each day, it would take from mid-June 2025 to end of January 2026 to complete the rest. However far I decide to go, there’s a lot of exciting things to learn between then and now.
| Name | Modules | Challenges | Running Total |
|---|---|---|---|
| pwn.college Archives | 3 | 27 | 27 |
| ARM Dojo | 2 | 28 | 55 |
| CTF Archive | 61 | 493 | 548 |
| The Quarterly Quiz | 2 | 13 | 561 |
| Codesprouts's | 1 | 3 | 564 |
| Computing 101 | 3 | 15 | 579 |
| Hunter Dojo | 1 | 4 | 583 |
| Hydra Dojo | 1 | 7 | 590 |
| Kalevala | 2 | 17 | 607 |
| Linux Lunacy | 2 | 6 | 613 |
| Pwntools Tutorials | 1 | 12 | 625 |
| The Art of the Shell | 5 | 46 | 671 |
| The House Always Wins | 1 | 9 | 680 |
| Westworld Dojo | 1 | 2 | 682 |