> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cveplayground.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Practice exploiting real CVEs in disposable, isolated sandbox labs.

CVE Playground is a hands on security learning platform built around real vulnerabilities. You pick a CVE, the platform boots a private container running the vulnerable app, and you work the exploit yourself. When the session ends, the environment is destroyed.

Each lab is built around one real CVE. You read the brief, locate the vulnerable function, reproduce the bug, study the patch, and answer five multiple choice questions that pin down whether you actually understood what you just did. Five correct answers means the lab is finished. Wrong answers do not punish you, but the points only land the first time.

## How a session goes

<Steps>
  <Step title="Sign in">
    Auth0 handles the sign in. The first time you sign in you claim a handle, which becomes the URL of your public profile.
  </Step>

  <Step title="Pick a lab">
    Open the labs catalog. Filter by status, search by CVE ID, or just scroll. Each card shows the CVE, severity, and how much XP it is worth.
  </Step>

  <Step title="Launch the sandbox">
    One click. A private container boots in roughly a minute. You get a URL that only you can reach.
  </Step>

  <Step title="Work the five steps">
    Brief, locate, reproduce, patch, harden. Each step has its own multiple choice question. You can move between steps freely.
  </Step>

  <Step title="Tear it down">
    Stop the sandbox when you are done, or let it expire. Either way, the container is destroyed and nothing leaks between sessions.
  </Step>
</Steps>

## Who this is for

If you are learning offensive or defensive security and you are tired of reading writeups without ever touching the code, this is for you. Researchers use it to keep a finger on classes of bugs they do not see every day. Hiring managers point new engineers at it during onboarding.

You do not need to install anything. A browser is enough.

## Next

<CardGroup cols={2}>
  <Card title="Open the app" href="https://app.cveplayground.com" icon="play">
    Sign in and start a lab.
  </Card>

  <Card title="Quickstart" href="/quickstart" icon="bolt">
    Finish your first lab in about ten minutes.
  </Card>

  <Card title="How labs work" href="/lab-walkthrough" icon="book-open">
    A tour through the five step flow.
  </Card>

  <Card title="Read the blog" href="https://cveplayground.com/blog" icon="newspaper">
    Vulnerability writeups and platform notes.
  </Card>
</CardGroup>
