Learn Security by Breaking Things

    Read Code Like a Hacker

    Master vulnerability identification through interactive challenges. Walk through real exploits, review multi-file codebases, and develop the instincts of a security researcher.

    20+ Challenges, 8 Languages, 100% Hands-On

    Supports: SOL +more

    Why CodeHunter?

    Develop the instincts of a security researcher through hands-on challenges based on real-world vulnerabilities.

    Code Review

    Hunt vulnerabilities across multi-file projects. Identify the exact line where security breaks down.

    Real Exploits

    Learn from CVE-documented vulnerabilities. Every challenge is based on real-world security incidents.

    Skill Progression

    From rookie to elite. Progress through difficulty tiers as you master vulnerability identification.

    Try It Now

    Can You Spot the Vulnerability?

    Click on the line you think is vulnerable, then check your answer. This is a real challenge from our Code Review mode.

    Scenario: A cinema booking app added detailed error handling to debug production issues. Examine the error responses to find what's being exposed.

    Cinema Booking
    EASY · Information Disclosure
    const express = require('express');
    const router = express.Router();
    const db = require('../config/database');
    const paymentService = require('../services/paymentService');

    router.post('/book', async (req, res) => {
      try {
        const { movieId, seats, payment } = req.body;
        const userId = req.user.id;

        const booking = await db.query(
          'INSERT INTO bookings (movie_id, seats, user_id, status) VALUES ($1, $2, $3, $4) RETURNING *',
          [movieId, seats, userId, 'pending']
        );

        await paymentService.processPayment(payment, booking.rows[0].id);
        res.json({ success: true, bookingId: booking.rows[0].id });
      } catch (err) {
        res.status(500).json({ success: false, error: err.message, stack: err.stack, details: err });
      }
    });

    router.get('/my-bookings', async (req, res) => {
      const userId = req.user.id;
      const result = await db.query('SELECT * FROM bookings WHERE user_id = $1', [userId]);
      res.json(result.rows);
    });

    module.exports = router;
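
A hardened counterpart to the `/book` error path above, added here as an example and not part of the CodeHunter challenge code: the client receives a fixed message and an opaque id, while the message, stack and driver code go only to the server log. The names `splitError`, `makeBookHandler`, `sampleDbError`, the `errorId` field, the `'Booking failed'` text and the injected `db`, `paymentService` and `log` parameters are assumptions of this example.

```javascript
const crypto = require('crypto');

// Split one failure into what the client sees and what the server logs.
// The client body carries no field derived from err; the id links the two.
function splitError(err, errorId = crypto.randomUUID()) {
  return {
    clientBody: { success: false, error: 'Booking failed', errorId },
    logEntry: { errorId, message: err.message, stack: err.stack, code: err.code },
  };
}

// Hardened /book handler. Dependencies are injected (an assumption of this
// example) so it can be exercised without Express or a real database.
function makeBookHandler(db, paymentService, log) {
  return async (req, res) => {
    try {
      const { movieId, seats, payment } = req.body;
      const booking = await db.query(
        'INSERT INTO bookings (movie_id, seats, user_id, status) VALUES ($1, $2, $3, $4) RETURNING *',
        [movieId, seats, req.user.id, 'pending']
      );
      await paymentService.processPayment(payment, booking.rows[0].id);
      res.json({ success: true, bookingId: booking.rows[0].id });
    } catch (err) {
      const { clientBody, logEntry } = splitError(err);
      log(logEntry);                     // full detail stays server side
      res.status(500).json(clientBody);  // generic body, correlatable by errorId
    }
  };
}

// Constructed failure shaped like a database driver error (sample data).
function sampleDbError() {
  const err = new Error('relation "bookings" does not exist');
  err.code = '42P01';
  return err;
}
```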

    Ready to Hunt Vulnerabilities?

    Sign in to track your progress, earn points, and compete on the leaderboard.