Member Projects: A Free Hacking Practice Challenge, a Pocket Hardware Hacking Gadget, and a DIY Malware Lab
TLDR: Members of the PWN hacker community are shipping an impressive range of hands-on security projects this week.
Some are software, like a free web hacking challenge you can run at home and a do-it-yourself lab for safely studying malware. Others are hardware, like a pocket gadget that talks to almost any device or wireless signal.
Details below…
Got something worth sharing?
PWN is a community for hackers and security enthusiasts.
We feature the best posts in this newsletter and we’re looking for news stories, writeups, tools, tutorials, discussion threads, and questions that spark real conversation.
We are accepting submissions for: News stories; Tutorials/write-ups; Tools you built or found useful; Discussion threads; or Questions that spark good conversation.
» Create a post, and you could be featured in the next email!
Our community is growing fast, with 935,000 views a month, 33,000 members, and 200+ new people joining daily. Create a post and you could be featured.
Sentinel: A Free Web Hacking Challenge You Can Run at Home
A community member built a deliberately broken website so you can practice real hacking skills on your own machine.
Sentinel poses as a monitoring dashboard for a fictional company called Northwind Logistics, with weak spots planted in exactly three places: a database attack at the easy tier, an access control flaw at medium, and a server trickery attack at the hard tier. Everything else is locked down so you can’t wander off track.
Setup needs only Docker and Git, runs entirely on your own computer with no account, and comes with a full setup guide. Feedback and bug reports are welcome.
ESP32 Bit Pirate 1.6: A Pocket Gadget That Talks to Almost Anything
A member shipped a major update to a tiny hacking gadget that can communicate with nearly any device or wireless signal.
The Bit Pirate can listen in, send commands, and run scripts across the wired connections found inside electronics, plus wireless signals like Bluetooth, Wi-Fi, and the radio used by garage remotes and key fobs. A one-click web installer loads the software for you.
Version 1.6 adds a built-in assistant, direct Wi-Fi hotspot access, and a new adapter system that lets the device double as several other hardware tools.
Building a Malware Analysis Lab From Scratch
A member shared a two-part video walkthrough on setting up a safe space to study malware at home.
The creator drew on lessons from building a similar lab at work, then adapted it into what they describe as an improved personal version. The result is meant as a flexible starting point rather than one fixed recipe.
The series spans two videos covering the whole process, offering different approaches so viewers can adapt the lab to their own needs and goals.
Join PWN on Reddit
PWN is where security people go to stay ahead.
Breach reports, exploits, vendor advisories, and the kind of conversations that make you better at your job, all in one feed.
We’re 32,000+ hackers and cybersecurity enthusiasts strong, with 935,000 monthly views and 200+ new members every day.
You’ll be in the same threads as journalists from Wired Magazine, Electronic Frontier Foundation, 404 Media, Fast Company, and The Guardian breaking the stories firsthand, plus security teams from vendors like Proton, Intigriti, and Hudson Rock sharing research and answering questions directly.
Why join:
Know what’s hitting before it hits you. Get the breach reports, exploits, and vendor advisories early so you can act before they become your problem.
Get sharper, not just busier. Skip the noise and learn from people actually doing the work, on the AI exploits, new defenses, and techniques that move your skills forward.
Make the career move you’ve been planning. Whether it’s your first paycheck in security or your jump from IT into offensive work, you’ll find members who’ve made it and are happy to help you do the same.
Be the person at work who already knows. Walk into Monday meetings ahead of the ransomware incidents and zero-days landing on your team’s radar, and earn the trust that comes with it.
Find your people. Trade ideas with hackers and pros who’ll actually answer your questions, in a community that stays high quality because the bots and noise get cleaned up.