Hackers School
Track Matrix Loaded

Training tracks for hands-on security

Same practice-first model as the landing page, now with a clearer breakdown of progression, weekly loops, and outcomes for each track.

CTF Foundations Binary Exploitation Kernel Fuzzing Kernel Pwn

Track Details

Expanded from the landing cards with what to practice, how to practice, and what you ship.

Back to landing preview
Level 01 Beginner

CTF Foundations

Build your baseline operator workflow before touching advanced pwn chains.

Duration
4-6 weeks
Cadence
5-7 hours/week

This track converts tutorial-heavy beginners into deliberate problem solvers. You will build repeatable habits for recon, hypothesis testing, and challenge writeups.

Systems Practice

  • Python scripting for challenge automation
  • Core cryptography and encoding patterns
  • Intro reverse engineering in Ghidra
  • Basic buffer overflow debugging with pwndbg

Challenge Loop

  • Daily warm-up micro challenges
  • Two mentor-led debrief sessions each week
  • One timed challenge sprint every weekend

Track Outcome

Ship your first 25 documented solves and a personal helper-script toolkit you can reuse across events.

Level 02 Intermediate

Binary Exploitation

Go from debugger comfort to reliable exploit development under modern mitigations.

Duration
6-8 weeks
Cadence
7-9 hours/week

Focuses on memory corruption primitives and exploitation strategy. You will work through realistic binaries with partial mitigations and learn to iterate toward stable proofs of concept.

Systems Practice

  • Stack and heap corruption primitives
  • ROP/JOP gadget discovery and chain design
  • ASLR/PIE/NX bypass strategy
  • Exploit script architecture and reliability checks

Challenge Loop

  • Progressive exploit ladders with checkpoints
  • Exploit review rubric on each submission
  • Patch-and-retest exercises to understand defense

Track Outcome

Deliver a portfolio of exploit scripts with clear notes on primitives, constraints, and post-exploitation decisions.

Level 03 Advanced

Kernel Fuzzing

Learn how to generate, triage, and reduce kernel crashes into actionable research leads.

Duration
6-10 weeks
Cadence
8-10 hours/week

You will assemble a working fuzzing lab, tune coverage, and triage high-signal crashes. Emphasis is on reproducibility and disciplined root-cause analysis.

Systems Practice

  • Syzkaller setup and corpus tuning
  • Crash triage with KASAN/KMSAN reports
  • Reproducer minimization and flake reduction
  • Issue hygiene for responsible vulnerability workflow

Challenge Loop

  • Lab bootstrapping milestones
  • Weekly crash triage drills
  • Mentor review on root-cause hypothesis

Track Outcome

Publish a clean crash notebook with reproducers, minimization notes, and high-confidence bug narratives.

Level 04 Expert

Kernel Pwn

Convert kernel bug classes into controlled privilege escalation chains.

Duration
8-12 weeks
Cadence
10+ hours/week

The final track blends deep allocator behavior, race orchestration, and mitigation-aware exploit planning. You will design end-to-end chains rather than one-off tricks.

Systems Practice

  • Race condition design and trigger reliability
  • SLUB internals and object lifecycle control
  • Cred / namespace abuse pathways
  • Mitigation-aware kernel exploit stabilization

Challenge Loop

  • Two-week exploit labs with checkpoints
  • Live exploit read-through sessions
  • Hardening retrospectives after each chain

Track Outcome

Complete a capstone chain that includes trigger, primitive escalation, and post-exploit stability analysis.

Step 01

Choose your starting point

We place you by current skill, not by guesswork. You can skip ahead if you prove readiness.

Step 02

Submit real artifacts

Every track expects scripts, reproducers, and writeups. You are graded on what you produce.

Step 03

Iterate with expert feedback

Mentor notes focus on exploit logic, reliability, and defensive reasoning so your skills transfer to real targets.

Pick a track. Ship real work.

The curriculum is designed to remove passive learning. Every week ends with a concrete artifact and actionable feedback.

Join Waitlist Back to Home