In the Fall of 2018, tasked with the responsibility of teaching Computer Systems Security to a little over a hundred fourth-year undergraduate students at Arizona State University, we were faced with a challenge: how do we best teach hundreds of students to become skilled hackers in just a single semester? With a background in Capture The Flag (CTF) competitions, as members of Shellphish and the DEF CON CTF organizing team Order of the Overflow, we realized our best chance was to teach the course in the same way we learned: by doing. And so, the night before the first lecture, at a coffee shop in Tempe, Arizona---late into the night---we bought the domain pwn.college, created the first assignment, and glued together a simple netcat interface in what would become the first version of the pwn.college DOJO.
For a more academic discussion of pwn.college, see our SIGCSE 2024 papers:
- DOJO: Applied Cybersecurity Education In The Browser
- PWN The Learning Curve: Education-First CTF Challenges
See also Connor's PhD work, which focuses on pwn.college:
And some ASU news articles: