~/zeroday $
LEARN TO
BREAK
THINGS
Free to start. Try Rust, Solidity, Exploits & DeFi—no account required. $4.99 unlocks all. Practice & Exam, plus Exploits (browse real incidents), Ops (narrative scenarios), and War Rooms. 2,200+ challenges, 30+ real exploits. Streaks, XP, badges.
▶ Download on App Store — Free
Try Rust, Solidity, Exploits & DeFi free · $4.99 unlocks all · No ads · No subscription
Android / Google Play — Coming soon Privacy Policy
In the app
Sample questions
Why ZeroDay Dev
Practice
Build exploit intuition without reading docs. Tap vulnerable lines, drag tokens into code, get instant feedback.
Exam
Prepare for real security assessments. Timed tests across domains with performance tracking.
Exploits tab
Browse real-world incidents by protocol, date, and amount. Open any incident → practice flow and exercises.
Ops & scenarios
Narrative scenarios: timed runs with chapters, consequences on fail, and debrief with XP and badges.
War Rooms
Real-incident–style timelines, high pressure. Optional in-session chat. A distinct scenario flavor.
Streaks & XP
Stay consistent and level up. Daily streaks, badges, and progression keep you coming back.
Offline-first
Learn on the subway, no Wi‑Fi needed. All content lives on your device.
Free to start — Try Rust, Solidity, Exploits & DeFi · $4.99 unlocks all
No account required — Start immediately
Offline-first, no tracking — Your data stays on device
30+ real-world exploits — Pump.fun, Balancer, Yearn & more
Built for developers — By someone who ships secure code
FAQ
Why practice security on a phone?
Commutes, downtime, habit formation. Learn in 5-minute chunks instead of blocking 2 hours. The tap-and-drag format works without a keyboard—you build exploit intuition, not typing speed.
Why $4.99?
Free to download. Try Rust, Solidity, Exploits, and DeFi for free—no account required. $4.99 one-time unlocks all 10 domains. No subscription. No ads. Mimo charges $10/mo. Sololearn $7/mo. Smart contract security courses run $99+. ZeroDay Dev: $4.99 once for 2,200+ challenges, 30+ real exploits, offline-first.
Is the content based on real exploits?
Yes. 30+ real-world exploits from Pump.fun, Balancer, Yearn, Beanstalk, Indexed Finance, and more. Solana: Pump.fun bonding curve, Wormhole sysvar spoofing, Jito MEV, web3.js backdoor, Token-2022 delegate abuse. Reentrancy, oracle manipulation, flash loans, proxy races. Linked to verified incident records.
What's the difference between Practice and Exercises?
Practice = tap, drag, or select. Quick feedback, many questions. Exercises = full code challenges with reference solutions. Deeper dives when you're ready.
What makes a question "Advanced"?
Multi-step reasoning, exploit construction, or real-world pattern recognition. Gated by XP so you build foundations first. No spoilers—you earn the right to see them.
zero-day
A vulnerability unknown to the vendor—they have zero days to patch it before it’s exploited. We teach you to find and fix them before attackers do.