Make or Breakmake or break Back

Rules of engagement

Make or Break exists to teach offensive security ethically. Membership is contingent on following these rules. They are not fine print.

  1. 1Authorized targets only

    Only attack machines you own, machines this platform explicitly provides for you, or systems you have written permission to test. Everything on Make or Break is designed around targets you run yourself or that are provisioned for you.

  2. 2Never touch third parties

    Do not point tools, scans, or exploits at any system that is not an authorized target. Scanning or attacking systems without permission is illegal in most jurisdictions and will get you banned here.

  3. 3Keep techniques in the lab

    The skills you learn are powerful. Use them to defend, to test with permission, and to build. Do not use them to cause harm, steal, or disrupt.

  4. 4Responsible disclosure

    If you find a real vulnerability in a real system in the course of your own authorized work, report it responsibly to the owner and give them time to fix it before any disclosure.

  5. 5No flag sharing

    Submit flags you captured yourself. Sharing flags or writeups for un-retired machines undermines everyone's learning and is treated as cheating.