Pick a nation. Each has unique cyber specializations. Your choice shapes everything.
2
HUNT REAL CVEs
Every bounty is a real vulnerability. Learn pentesting by playing.
3
CAPTURE THE FLAG
Plant your flag. Rival nations fight back. Climb the leaderboard.
MEET YOUR AI
ATHELGARD
The AI brain that watches every battle, learns every pattern, and teaches you real cybersecurity.
ADAPTIVE AI MENTOR
MEMORY
TEACHING
REASONING
EMPATHY
💡
GUIDE
Guides you step by step when you are stuck
🏅
COACH
Pushes you to think harder and find the answer
📚
PROFESSOR
Deep explanations with real-world context
⚔️
CHALLENGER
Challenges you with harder variants
MISSION BRIEFING
Athelgard is teaching you a real attack
BRIEF
RECON
EXPLOIT
ATTACK
VICTORY
DEPLOY
Athelgard remembers your mistakes, tracks your knowledge gaps, and adapts its teaching style in real time. Powered by Bayesian Knowledge Tracing, episodic memory, and Theory of Mind.
GALACTIC THREAT LEVEL: CRITICAL
MOST WANTED
HEARTBLEED COLOSSUS
CVE-2014-0160 · Level 10+
"Every heartbeat leaks a secret. I am the memory your server tried to forget."
MIRAI SWARM
CVE-2016-10401 · Level 15+
"Your cameras. Your routers. Your thermostats. They all answer to me now."
LOG4SHELL DEMON
CVE-2021-44228 · Level 20+
"One string. That's all it takes. I live in the log line you forgot to sanitize."
THE GAMEPLAY
WHAT YOU ACTUALLY DO
Fly a starship. Hunt legendary bounties. Learn real cybersecurity.
FLY YOUR SHIP
WASD + JOYSTICK + CONTROLLER
Navigate the galaxy. Your fleet auto-hunts while you sleep.
HUNT BOUNTIES
7-PHASE KILL CHAIN
Land on planets. Accept missions. Every bounty is a real CVE vulnerability.
FIGHT BOSSES
LEGENDARY CVE BOSSES
Heartbleed, Log4Shell, EternalBlue — real CVEs incarnated as epic boss battles.
CAPTURE FLAGS
CTF + NATION WARFARE
Plant your flag on conquered planets. 8-minute timer. Rival nations fight back.
REAL CYBERSECURITY
BASED ON THE CYBER KILL CHAIN FRAMEWORK
RECON
Phase 1
WEAPONIZE
Phase 2
DELIVER
Phase 3
EXPLOIT
Phase 4
INSTALL
Phase 5
C2
Phase 6
EXFILTRATE
Phase 7
Every weapon is a real CWE exploit. Every bounty is based on a real CVE. Missions follow the Cyber Kill Chain — the industry-standard 7-phase attack model used by professional red teams worldwide.
OWASP TOP 10 · MITRE ATT&CK · NIST FRAMEWORK · CYBER KILL CHAIN
YOUR JOURNEY
From rookie to galactic commander in 7 steps
01
CHOOSE NATION
Unique lore. Cyber specialization. Your home base.
02
HUNT BOUNTIES
7-phase Kill Chain missions. Type real exploits.
03
EVOLVE DNA
12 traits across 4 strands. Permanent upgrades.
04
CAPTURE FLAGS
Plant flags. 8-minute timer. Nations fight back.
05
EARN AI CREW
10 crew roles. Offline earnings. Trust system.
06
FIGHT BOSSES
Heartbleed. EternalBlue. Log4Shell. Epic battles.
07
EARN CRYPTO
BTC, ETH, SOL from missions. Climb the leaderboard.
18 NATIONS • 18 HQ PLANETS
Every bug is a real vulnerability. Every weapon is a real exploit.
🇺🇸
USA
🇨🇳
China
🇪🇺
European Union
🇯🇵
Japan
🇮🇳
India
🇧🇷
Brazil
🇷🇺
Russia
🇮🇷
Iran
🇨🇦
Canada
🇬🇧
United Kingdom
🇰🇷
South Korea
🇸🇬
Singapore
🇳🇬
Nigeria
🇮🇱
Israel
🇸🇦
Saudi Arabia
🇦🇺
Australia
🇰🇵
North Korea
🏴
Independent
18 NATIONS. 3 FACTIONS. ONE WAR.
YOUR ARSENAL
Every weapon in the game is a real exploit technique
🔍
Reconnaissance
Sweep the void for prey. Your long-range sensors paint every target before your guns ever warm up.
CWE-200: INFORMATION EXPOSURE
Nmap, Shodan, Google Dorking, DNS enumeration. Before you attack, you map. Every port, every service, every version number. Reconnaissance is how the professionals find what others miss. In BountyWarz, your ship's long-range scanners replicate the same methodology used by real penetration testers.
Tools: nmap, whois, dig, traceroute, theHarvester
📡
Port Scanning
Open frequencies, open doors. Your ship maps every entry point on the enemy hull in seconds flat.
TCP/UDP SERVICE ENUMERATION
SYN scans, stealth scans, version detection. 65,535 ports to check, and each open one is a potential entry point. Port scanning is the foundation of network security assessment — and the first thing every bounty hunter learns.
Tools: nmap -sS, masscan, rustscan, netcat
💉
SQL Injection
Whisper the right query and their databases bleed secrets. The deadliest weapon never fires a shot.
CWE-89: SQL INJECTION
OWASP #1. Unsanitized input + database queries = total compromise. Union-based, blind, time-based, error-based — each variant exploits trust between application and database. Understanding SQLi means understanding how data flows through every web application.
Tools: sqlmap, Burp Suite, manual payloads
🎭
XSS Attacks
Turn their own screens against them. Your code rides in on trusted signals — a perfect Trojan.
CWE-79: CROSS-SITE SCRIPTING
Reflected, stored, DOM-based. Inject JavaScript into pages other users trust. Steal sessions, redirect logins, deface sites. XSS is the art of making the victim's browser betray them — and it's everywhere.
Tools: XSStrike, Burp Suite, browser DevTools
🔐
Authentication Bypass
Locks are suggestions. Crack the handshake, walk through the front door, and own everything behind it.
CWE-287: IMPROPER AUTHENTICATION
Broken auth, session hijacking, credential stuffing, JWT manipulation. When authentication fails, the attacker IS the user. Most breaches start here — and understanding auth flaws is what separates amateurs from professionals.
Tools: Hydra, John the Ripper, Hashcat, jwt.io
⬆️
Privilege Escalation
You got in as a guest. You leave as the admiral. Climb the permissions ladder until the whole ship is yours.
CWE-269: IMPROPER PRIVILEGE MANAGEMENT
SUID binaries, kernel exploits, misconfigured sudoers, PATH hijacking. You have a shell — now get root. Privilege escalation is the post-exploitation art of turning limited access into total control.
Tools: LinPEAS, WinPEAS, GTFOBins, PowerUp
🕸️
Pivoting
One breach. Ten systems. Hop between connected networks like a ghost in the corridors of a station.
LATERAL MOVEMENT & PIVOTING
SSH tunneling, port forwarding, SOCKS proxies, pass-the-hash. Once inside one system, reach everything it connects to. Pivoting is how a single compromised machine becomes a launchpad for the entire network.
Live-fire drills against real flags. Prove your skills in the arena where hunters earn their rank.
CAPTURE THE FLAG COMPETITIONS
Jeopardy-style and attack/defense. Categories: web, crypto, forensics, pwn, reverse engineering. CTFs are how the cybersecurity community trains — and BountyWarz brings that competition into the game with real flag capture mechanics tied to each nation's territory.