Learn basic AppSec terminologies and concepts while playing a card game.
A true beginner-friendly CTF! There are more than 50 challenges, and you can solve all of them from your browser. No tools are required. Plus, it's free!
Go to TinyBirdCTF.comWant to hone your XSS skills? XSS Train is a series of labs dedicated to cross-site scripting vulnerabilities. Pop those alert boxes and win them all.
Go to xssTrain.comAppSecGames brings game-based learning to software security. AppSecGames started with gamification. For example, TinyBirdCTF and XSS-Train are classic Jeopardy-style CTFs where you solve challenges and earn points. However, we soon noticed the lack of 'game-based learning' in the industry and started bringing out beautifully designed games that are "games first."
AppSecGames stands separate from the industry's 'serious games' like Elevation of Privilege and Cornucopia. Those are games that put "learning first.". By the way, we are not starting a war. Gamification, games-based learning, and serious games are all important in the cybersecurity industry. If you look at the industry today,
At this point, AppSecGames is a one-person show. I, Abhi Balakrishnan, design, develop, test, play, and promote the games. Thankfully, my wife and a few other friends offered to be early adopters and gave me constant feedback. Hopefully, I will get more people to play and promote these games in the coming days. Then, if I'm fortunate, I may see more people helping me design, develop, maintain, and invest in these ideas. If that happens, the world will get to see many more of these games - and I wonder how lovely that would be.
My mission - have you seen people playing Minecraft and Farmville? They are playing it for fun, but they learn some cool things about farming and mining while they are playing it. How cool would it be if we could do something similar for AppSec and InfoSec? I dream about that day, and who knows - that dream may come true one day.