C exercises

734 exercises graded by a sandboxed harness. Write code in the browser, submit, get feedback.

basics

  1. Hello, World! — beginner
  2. Sum two numbers — beginner
  3. Max of three — beginner
  4. Even or odd — beginner
  5. Factorial — beginner
  6. Nth Fibonacci — beginner
  7. FizzBuzz to N — beginner
  8. Is prime? — intermediate
  9. Sum of array — beginner
  10. Reverse array in place — beginner
  11. Count characters — beginner
  12. Reverse a string — beginner
  13. Swap via pointers — beginner
  14. Distance between points — intermediate
  15. Implement strlen — intermediate
  16. Absolute value — beginner
  17. Greatest common divisor — beginner
  18. Leap year check — beginner
  19. Integer power (iterative) — beginner
  20. Array mean — beginner
  21. Strict atoi: parse an int with full error reporting — intermediate
  22. Convert int to string in a fixed buffer — intermediate
  23. Set a single bit — beginner
  24. Clear a single bit — beginner
  25. Toggle a single bit — beginner
  26. Extract a byte from a 32-bit word — beginner
  27. Swap two integers using XOR (no temporary) — beginner
  28. Caesar cipher (educational toy) — beginner
  29. Case-insensitive alphanumeric palindrome check — beginner
  30. Count whitespace-separated words — beginner
  31. Lowercase an ASCII string in place — beginner
  32. Trim leading and trailing whitespace in place — beginner
  33. Print sizeof for the canonical C types — beginner
  34. Spot the signed/unsigned compare trap — beginner
  35. Three-way classify using ternary — beginner
  36. Day of week via Zeller's congruence — intermediate
  37. Sum of decimal digits — beginner
  38. Integer power by recursion — beginner
  39. Parse a single `--key=value` flag — beginner
  40. Implement my_strlen — beginner
  41. Count a character in a string — beginner
  42. Sum 1..n recursively — beginner
  43. Integer power recursively — beginner
  44. Isolate the lowest set bit — beginner
  45. Is a number a power of two? — beginner
  46. Sum an array — beginner
  47. Maximum of an array — beginner
  48. Add two integers — beginner
  49. Square a number — beginner
  50. Index a flattened matrix — beginner
  51. Diagonal sum — beginner
  52. Larger of two — beginner
  53. Smaller of two — beginner
  54. First character — beginner
  55. Last character — beginner
  56. Program status code — beginner
  57. Clamp an exit code — beginner
  58. Copy a string — beginner
  59. String equality — beginner
  60. Count format specifiers — beginner
  61. Validate a format string — intermediate
  62. Swap two integers — beginner
  63. Sum of three — beginner
  64. Bounded string copy — intermediate
  65. Bounded string length — beginner
  66. Fits in a byte? — beginner
  67. Sign of a number — beginner
  68. Strings equal — beginner
  69. Prefix check — intermediate
  70. Parse an integer — intermediate
  71. Parse two integers — intermediate
  72. Bounded concatenation — intermediate
  73. Has a terminator in range? — beginner
  74. Apply an operator — beginner
  75. Even number test — beginner
  76. Count flag arguments — intermediate
  77. Find a flag's value — intermediate
  78. Maximum of three — beginner
  79. FizzBuzz word — beginner
  80. Reverse an array in place — beginner
  81. Palindrome check — beginner
  82. Days in a month — beginner
  83. Letter grade — beginner
  84. Index of a substring — intermediate
  85. Count occurrences — intermediate
  86. Iterative factorial — beginner
  87. Count vowels — beginner
  88. Greatest common divisor — intermediate
  89. Clamp a value — beginner
  90. A counter with static state — intermediate
  91. Running total — intermediate
  92. Triple a value — beginner
  93. Negate a value — beginner
  94. Byte-swap a 32-bit value — intermediate
  95. Read a big-endian uint32 — intermediate
  96. Count words — intermediate
  97. Validate a number string — intermediate
  98. Sum a range — beginner
  99. Product of a range — beginner
  100. Fix the array sum (off-by-one) — intermediate
  101. Fix the maximum (bad initial value) — intermediate

pointers-memory

  1. Sum via pointer walking — intermediate
  2. Implement strcpy — intermediate
  3. Implement strstr — intermediate
  4. Implement atoi — intermediate
  5. Allocate sequence 1..N — intermediate
  6. Deep-copy an int array — intermediate
  7. Concat three strings (no leaks) — intermediate
  8. Count set bits (Hamming weight) — intermediate
  9. Reverse bits of a uint32 — intermediate
  10. Swap two pointers via a function — beginner
  11. Remove the n-th node from a linked list — intermediate
  12. Allocate and free a dynamic 2-D array — intermediate
  13. Grow a dynamic buffer with realloc — intermediate
  14. Bump-pointer arena allocator — advanced
  15. Detect a buffer overflow with a canary — intermediate
  16. Safe overlapping copy (memcpy vs memmove) — intermediate
  17. Grow a buffer and zero only the new region — intermediate
  18. Destroy a linked list without use-after-free — intermediate
  19. Set a value through a pointer — beginner
  20. Read through a pointer — beginner
  21. Nth element via pointer arithmetic — beginner
  22. Distance between pointers — intermediate
  23. Sum an array with a pointer — beginner
  24. Fill an array — beginner
  25. Find a character — beginner
  26. String length by pointer — beginner
  27. Dereference twice — intermediate
  28. Swap two pointers — intermediate
  29. Allocate a range — intermediate
  30. Duplicate an array — intermediate
  31. Zero-initialised allocation — intermediate
  32. All zero? — beginner
  33. Append with realloc — intermediate
  34. Resize via a pointer-to-pointer — intermediate
  35. Allocate, use, free — intermediate
  36. Concatenate two arrays — intermediate
  37. Are allocations balanced? — intermediate
  38. Count leaked allocations — intermediate
  39. Detect a use-after-free — intermediate
  40. Validate a resource lifecycle — intermediate
  41. Bounds-checked element pointer — intermediate
  42. Is an index in bounds? — beginner
  43. Capacity-checked copy — intermediate
  44. Overflow-checked addition — intermediate

data-structures

  1. Linked list length — beginner
  2. Insert at end — intermediate
  3. Reverse a linked list — intermediate
  4. Int stack (push/pop/peek) — intermediate
  5. Circular int queue — intermediate
  6. Int→int hash table (open addressing) — advanced
  7. BST insert — intermediate
  8. BST inorder to array — intermediate
  9. Binary search — intermediate
  10. Bubble sort — intermediate
  11. Quicksort — advanced
  12. Count distinct ints in a sorted array — beginner
  13. Merge two sorted arrays — intermediate
  14. Rotate array right by k — intermediate
  15. Merge sort — intermediate
  16. Heap sort — advanced
  17. Counting sort (small range) — intermediate
  18. 3SUM: triples summing to zero — advanced
  19. Reverse words of a sentence in place — intermediate
  20. Longest substring without repeating characters — intermediate
  21. Detect a cycle in a linked list — intermediate
  22. LRU cache (int keys, fixed capacity) — advanced
  23. Dijkstra shortest paths (small graph) — advanced
  24. Trie: count words with a prefix — advanced
  25. Final Project: todo-list-cli — add/remove/list — intermediate
  26. Final Project: tiny key-value store — intermediate
  27. Final Project: CSV row parser (no quoting) — intermediate
  28. Final Project: tiny stack VM — advanced
  29. Fixed-capacity circular queue — intermediate
  30. Min-heap priority queue — advanced
  31. Merge overlapping intervals — intermediate
  32. LRU cache for string keys — advanced
  33. Binary search (recursive implementation) — intermediate
  34. Flatten a 2D array to 1D (row-major) — intermediate
  35. Tower of Hanoi: count moves — intermediate
  36. Are the brackets balanced? — beginner
  37. A FIFO queue implemented with two stacks — intermediate
  38. Find the middle node of a singly linked list — intermediate
  39. Are two strings anagrams of each other? — beginner
  40. Manhattan distance between points — beginner
  41. Rectangle area — beginner
  42. Compare fractions — intermediate
  43. Dot product of 3-vectors — beginner
  44. Name a colour — beginner
  45. Turn right — beginner
  46. Length of a linked list — beginner
  47. Sum of a linked list — beginner
  48. Balanced brackets — intermediate
  49. Maximum nesting depth — beginner
  50. Ring-buffer index — beginner
  51. Queue length in a ring — intermediate
  52. Find a free slot (linear probing) — intermediate
  53. Lookup with linear probing — intermediate
  54. Height of a binary tree — intermediate
  55. Sum of a binary tree — intermediate
  56. Bubble sort — intermediate
  57. Is it sorted? — beginner
  58. Linear search — beginner
  59. Binary search — intermediate
  60. djb2 string hash — intermediate
  61. Map a hash to a bucket — beginner

file-handling

  1. Write lines to file — intermediate
  2. Read a whole file as text — intermediate
  3. Count lines in a file — intermediate
  4. Count lines from a string buffer — beginner
  5. First line containing a substring — intermediate
  6. Final Project: mini-grep — substring match in lines — intermediate
  7. Final Project: mini-wc — line/word/byte counter — beginner
  8. Final Project: mini-cat — concatenate buffers — beginner
  9. Final Project: log-aggregator — count by level — intermediate
  10. Read a file into a bounded buffer — beginner
  11. Append a line to a file — beginner
  12. Copy a file in chunks — intermediate
  13. Count a byte's occurrences in a file — beginner
  14. Get a file's size — beginner
  15. Extract the Nth CSV field — intermediate
  16. Read a value from INI text — intermediate
  17. Take the last N lines — intermediate
  18. Convert CRLF to LF — beginner
  19. Detect a byte-order mark — beginner
  20. Extract the final path component — beginner
  21. Read a fixed-size record — intermediate
  22. Is a file readable? — beginner
  23. File size via fseek/ftell — intermediate
  24. Read the first N bytes — intermediate
  25. Read one binary int — intermediate
  26. Write bytes to a file — intermediate
  27. Write one binary int — intermediate
  28. Count lines in a file — intermediate
  29. Read the first line — intermediate
  30. File size via stat — intermediate
  31. Is it a regular file? — intermediate
  32. Save a record — intermediate
  33. Load a record — intermediate
  34. Count CSV fields — beginner
  35. Extract a CSV field — intermediate
  36. Count lines at a level — intermediate
  37. First error line number — intermediate

linux-sysprog

  1. Echo argv with indices — intermediate
  2. Env var with default — intermediate
  3. Spawn child and collect exit code — intermediate
  4. Fork+exec /bin/echo — advanced
  5. Pipe roundtrip — advanced
  6. Count SIGUSR1 deliveries — advanced
  7. Copy bytes between fds — intermediate
  8. Minimal cat: print file to fd — intermediate
  9. Substitute $VAR with environment value — intermediate
  10. Print a hex dump line — intermediate
  11. Count env vars with prefix — intermediate
  12. Final Project: mini-shell — argv tokenizer — intermediate
  13. Order of operations to daemonize a process — advanced
  14. Plan a pipe chain for N processes — advanced
  15. Compute a sigprocmask blocking SIGINT/SIGTERM — intermediate
  16. Map poll() events to per-fd readiness flags — intermediate
  17. Write a buffer to two outputs — beginner
  18. Return the last N bytes of a buffer (tail) — beginner
  19. Read an integer environment variable with bounds — intermediate
  20. Parse a `/etc/passwd`-style line — intermediate
  21. Join two path components safely — intermediate
  22. Atomic-write checklist — intermediate
  23. Translate an errno value into a friendly string — beginner
  24. Simulate an eventfd counter — beginner
  25. One-shot timer: 'is now past the fire time?' — beginner
  26. Classify a signal into an action — beginner
  27. Refuse a Unix-socket peer unless their UID is on the allow-list — intermediate
  28. Parse a /proc/self/maps line — beginner
  29. Extract VmRSS from /proc/self/status — intermediate
  30. Predict the result of a mutex-protected counter — beginner
  31. One-shot init: which call performs the work? — beginner
  32. Will this allocation fail under the rlimit? — beginner
  33. Order the daemonisation steps — advanced
  34. Compute a cgroup v2 cpu.max line — intermediate
  35. Resolve a plugin's required symbols — intermediate
  36. Check the mount-namespace flag — advanced
  37. Catch SIGINT and set a flag — beginner
  38. Time-out a blocking read with alarm() — intermediate
  39. Parent process signals a child — intermediate
  40. Translate legacy signal() into sigaction() — beginner
  41. Graceful SIGTERM — set a flag, cleanup in main — intermediate
  42. Create one thread that returns a value — beginner
  43. Spawn N threads, join all — beginner
  44. Pass an integer to each thread (by value) — intermediate
  45. Sum an array using multiple threads — advanced
  46. Demonstrate a race condition — intermediate
  47. Fix the race with a pthread_mutex_t — intermediate
  48. Build a tiny thread-safe counter type — intermediate
  49. Decode a syslog priority value — beginner
  50. Lowest free file descriptor — intermediate
  51. Count open descriptors — beginner
  52. Read with raw descriptors — intermediate
  53. Write with raw descriptors — intermediate
  54. errno after a failed open — intermediate
  55. Set errno in your own function — intermediate
  56. Interpret fork's return — beginner
  57. Processes after N forks — beginner
  58. Length of an argv vector — beginner
  59. Is it an absolute path? — beginner
  60. Decode an exit status — intermediate
  61. Was the child signalled? — intermediate
  62. Bytes left in a pipe — intermediate
  63. Would the write block? — beginner
  64. Does the default action terminate? — intermediate
  65. Can the signal be caught? — beginner
  66. getenv with a default — beginner
  67. Boolean environment flag — beginner
  68. Count command arguments — intermediate
  69. Count pipeline stages — beginner
  70. eventfd counter — beginner
  71. timerfd expirations — beginner
  72. Parallel array sum — advanced
  73. Chunks needed for workers — beginner
  74. Clamp to a soft limit — beginner
  75. Over the hard limit? — beginner
  76. Parse VmRSS from /proc status — intermediate
  77. Parse thread count — intermediate
  78. Same namespace? — beginner
  79. cgroup memory remaining — beginner
  80. Signal name to number — beginner
  81. Signal number to name — beginner
  82. Is it a termination signal? — beginner
  83. Is it a stop signal? — beginner
  84. Does the handler auto-restart syscalls? — intermediate
  85. Does the handler get siginfo? — intermediate
  86. Async-signal-safe function? — intermediate
  87. Is the handler body safe? — intermediate
  88. Raise a signal to yourself — intermediate
  89. Count raised signals — intermediate
  90. Signal yourself with kill — intermediate
  91. Valid signal number? — beginner
  92. Seconds remaining on a timer — beginner
  93. Has the deadline passed? — beginner
  94. Catch Ctrl-C — intermediate
  95. Force-quit on second Ctrl-C — beginner
  96. Correct flag type for a handler — beginner
  97. Coalesced signals — beginner
  98. Useful thread count — beginner
  99. Ideal parallel runtime — beginner
  100. Spawn and join N threads — advanced
  101. Detached vs joinable — beginner
  102. Double a value in a thread — advanced
  103. Safe way to pass per-thread args — beginner
  104. Return a value from a thread — advanced
  105. Why not return a stack address? — beginner
  106. Detect a lost update — intermediate
  107. Is the operation atomic? — beginner
  108. Are lock/unlock balanced? — intermediate
  109. Critical section nesting — beginner
  110. Opposite lock ordering — intermediate
  111. Consistent lock order — intermediate
  112. Does this need synchronisation? — beginner
  113. Reentrant function variant — beginner
  114. Bounded buffer occupancy — intermediate
  115. Would the producer block? — beginner
  116. Forgotten joins — beginner
  117. Classify a threading bug — beginner

networking

  1. TCP echo client (localhost) — advanced
  2. One-shot TCP server — advanced
  3. UDP send and receive — advanced
  4. Parse an HTTP status line — intermediate
  5. TCP connect with timeout — advanced
  6. Find open ports on localhost — advanced
  7. Parse a port number string — beginner
  8. Compute network address from IP + prefix — intermediate
  9. Does CIDR contain IP? — intermediate
  10. Token-bucket rate limiter (single slot) — intermediate
  11. Final Project: HTTP status-line parser — intermediate
  12. Parse HTTP request line (method + path) — intermediate
  13. Build an HTTP GET request — beginner
  14. Parse an IPv4 dotted-quad to uint32 — intermediate
  15. Does an IPv4 CIDR block contain an address? — intermediate
  16. fd_set–style bit tracker for multiplexed I/O — advanced
  17. Compute the IPv4/TCP one's-complement checksum — advanced
  18. Parse the fixed fields of a mock IPv4 header — intermediate
  19. Byte-swap a 32-bit integer — beginner
  20. Compute CRC-8 over a byte stream (poly 0x07) — intermediate
  21. Decode TCP flag byte into individual flags — beginner
  22. Filter the fds reported as readable by epoll_wait — intermediate
  23. Drain a non-blocking 'read' to EAGAIN — intermediate
  24. Parse an IP literal into a discriminated v4/v6 union — beginner
  25. Does an IPv4 address match a CIDR block? — beginner
  26. Decode an HTTP/1.1 chunked body — intermediate
  27. Parse a Cookie header into name/value pairs — intermediate
  28. Choose the right keep-alive interval — intermediate
  29. Decode IGMP membership-query bytes — advanced
  30. Decode a DNS-wire label sequence (no pointer compression) — advanced
  31. Parse the 5-byte TLS record header — advanced
  32. Open a listening TCP socket on localhost — beginner
  33. Connect from a TCP client to a listener — beginner
  34. Send a message client → server (length-prefixed) — intermediate
  35. One-shot echo server — intermediate
  36. Multi-client server with threads (3 connections) — advanced
  37. Localhost port checker (open/closed) — intermediate
  38. Hand-build a minimal HTTP/1.0 GET request — intermediate
  39. Decode a DNS question name — intermediate
  40. Extract the SNI host from a TLS extension — intermediate
  41. Classify an ARP frame — beginner
  42. Parse a TLS record header — intermediate
  43. Valid port number? — beginner
  44. Well-known port? — beginner
  45. Build a host:port string — beginner
  46. Parse a host:port string — intermediate
  47. Clamp the listen backlog — beginner
  48. Allocate a connection id — beginner
  49. Datagrams needed — beginner
  50. Does the datagram fit? — beginner
  51. Port from network bytes — beginner
  52. Port to network bytes — beginner
  53. Build an HTTP GET request — intermediate
  54. Parse the status code — intermediate
  55. Build an HTTP response — intermediate
  56. Parse the request method — intermediate
  57. Count ready descriptors — beginner
  58. Any readable fd? — beginner
  59. Milliseconds to timeval seconds — beginner
  60. Milliseconds to timeval microseconds — beginner
  61. Is it a loopback address? — beginner
  62. Port within scan range? — beginner
  63. Valid HTTP method? — beginner
  64. HTTP status class — beginner
  65. Internet checksum (16-bit ones-complement) — advanced
  66. XOR checksum — beginner
  67. Count epoll events of interest — beginner
  68. Cap the maxevents argument — beginner
  69. Would the call have blocked? — intermediate
  70. Set the non-blocking flag — beginner
  71. Valid hostname character? — beginner
  72. Is the hostname well-formed? — intermediate
  73. Does the path fit in sun_path? — beginner
  74. Abstract socket address? — beginner
  75. Count hextet groups — beginner
  76. IPv6 loopback? — beginner
  77. Parse a chunk size — intermediate
  78. Is this the last chunk? — beginner
  79. Is the TLS version acceptable? — beginner
  80. Is it the HTTPS port? — beginner
  81. Is it a stream socket? — beginner
  82. Is it an internet family? — beginner
  83. Reliable transport? — beginner
  84. Connectionless transport? — beginner
  85. Valid socket fd? — beginner
  86. Did socket() fail? — beginner
  87. Pack a dotted quad into a 32-bit address — intermediate
  88. Unpack a 32-bit address — intermediate
  89. htons via bytes — intermediate
  90. ntohs via bytes — intermediate
  91. Did bind succeed? — beginner
  92. Does binding need privilege? — beginner
  93. Valid backlog value? — beginner
  94. Did accept return a connection? — beginner
  95. Did connect succeed? — beginner
  96. Non-blocking connect in progress? — intermediate
  97. Did we receive everything? — beginner
  98. Bytes left to send — beginner
  99. Active connections — beginner
  100. Peak connections — intermediate
  101. Reads needed for a response — beginner
  102. Did we receive the whole message? — beginner
  103. Is this a localhost name? — beginner
  104. Is it a safe test target? — beginner
  105. Name a socket error — intermediate
  106. Is the error retriable? — beginner
  107. Parse the request line — intermediate
  108. Find a header value — intermediate
  109. SIP request method — intermediate
  110. SIP status code — intermediate
  111. Count IQ samples — beginner
  112. Read a little-endian 16-bit sample — intermediate
  113. DNS question count — intermediate
  114. Is it a DNS response? — intermediate
  115. TLS record content type — intermediate
  116. TLS record length — intermediate

cybersecurity

  1. Strict integer parsing — intermediate
  2. Fix the strcpy overflow — intermediate
  3. Fix the sprintf overflow — intermediate
  4. Detect weak passwords — intermediate
  5. Parse an access log status code — intermediate
  6. Constant-time byte compare — intermediate
  7. Run a program without a shell — intermediate
  8. Detect risky SQL chars — intermediate
  9. Parse an http/https URL safely — intermediate
  10. Detect world-writable files — intermediate
  11. Parse an IPv4 header from bytes — advanced
  12. Count suspicious IPs in a sample log — intermediate
  13. Detect repeated failed logins — intermediate
  14. Parse an HTTP request line — intermediate
  15. Parse HTTP response headers — intermediate
  16. Find dangerous C functions in toy source — intermediate
  17. Replace unsafe strcpy with bounded copy — intermediate
  18. Fix a toy buffer overflow — intermediate
  19. Validate input length — intermediate
  20. Detect command-injection characters in input — intermediate
  21. Write a safe allowlist validator — intermediate
  22. Check local file permissions — intermediate
  23. Compare two files by content hash — intermediate
  24. Build a 32-bit checksum tool — intermediate
  25. Compare tokens in constant time — intermediate
  26. Detect format string misuse in toy code — intermediate
  27. Parse a sample Nmap-style report — intermediate
  28. Localhost-only TCP connection checker — intermediate
  29. Read a banner from a local service — intermediate
  30. Password strength check (local) — intermediate
  31. Redact secrets from a log line — intermediate
  32. Why you don't scan public targets — beginner
  33. HTML-escape user-provided text — intermediate
  34. Detect weak crypto algorithm names — beginner
  35. Validate a password against a policy — beginner
  36. Prevent CSV injection by prefixing risky cells — intermediate
  37. Pattern-match log file rotation candidates — beginner
  38. Detect a malformed username (defensive check) — intermediate
  39. Detect path-traversal patterns in a string — intermediate
  40. Sanitize a user-supplied filename — intermediate
  41. Extract the host from a URL safely — intermediate
  42. Redact email addresses in a log line — intermediate
  43. Redact credit-card-like number runs — intermediate
  44. Bounded string concatenation (drop-in safer strncat) — intermediate
  45. Validate a token against a fixed character allowlist — beginner
  46. Detect format-string injection in user input — intermediate
  47. Unfold an HTTP/1.1 continuation header — intermediate
  48. Validate an HTTP method against an allowlist — beginner
  49. Add two ints with overflow detection — intermediate
  50. Multiply two ints with overflow detection — advanced
  51. Validate a filename against an extension allowlist — beginner
  52. Subtract two ints with overflow detection — intermediate
  53. Refuse a DNS result that resolves to an internal range (SSRF defence) — intermediate
  54. Bidirectional %XX URL encoding with an allow-list — beginner
  55. Identify the file format from the first 8 bytes — beginner
  56. Parse a mock ELF64 header — extract version, machine, entry — intermediate
  57. Parse a /proc/net/tcp line and detect a public LISTEN — intermediate
  58. Decide whether an fd-target string is suspicious — beginner
  59. Strip dangerous environment variables before exec — intermediate
  60. Detect a NUL byte hidden inside argv (within the allocated extent) — beginner
  61. Flag a $PATH entry that is writable by anyone but root — intermediate
  62. Validate that a mkstemp template ends with at least 6 X's — beginner
  63. Reject when O_NOFOLLOW would have refused — intermediate
  64. Identify file type from the first bytes — beginner
  65. Reject a Host header with CR / LF / NUL / space — beginner
  66. Is this syscall on the allow-list? — advanced
  67. Pick the right entropy source for the use case — beginner
  68. Score a setuid program against the 5-item checklist — intermediate
  69. Compose the libFuzzer entry point — beginner
  70. Build one line of an xxd-style hex dump — beginner
  71. Count open ports in a saved nmap XML dump — intermediate
  72. Detect brute-force IPs in auth.log — intermediate
  73. Score a password against a policy struct — beginner
  74. Flag SQL-injection metacharacters in input — intermediate
  75. Render a finding struct as Markdown — beginner
  76. Parse an HTTP request line into method/path/version — intermediate
  77. Read the 24-byte pcap global header — intermediate
  78. Extract the method from a SIP request — intermediate
  79. Classify an 802.11 frame as mgmt/ctrl/data — intermediate
  80. Extract the BLE Complete Local Name from an advertisement — intermediate
  81. Count global symbols in an ELF .symtab buffer — intermediate
  82. Detect a firmware blob's type from its magic bytes — beginner
  83. Read a filename from a mock MFT record — intermediate
  84. Recover an 8.3 filename from a FAT directory entry — intermediate
  85. Parse the 20-byte header of an IQ-samples capture — intermediate
  86. Count unique non-empty subdomains in a wordlist — beginner
  87. Count HIGH-severity entries in a mock CVE JSON feed — intermediate
  88. Score a URL for phishing structural smells — intermediate
  89. Format a contactless-card UID as colon-hex — beginner
  90. Detect a glibc-style stack canary pattern — intermediate
  91. A libFuzzer-shape target that never crashes — intermediate
  92. Constant-time byte equality — intermediate
  93. Write a USTAR tar header for one file — intermediate
  94. Bounded base64 decoder — intermediate
  95. Classify a TCP scan from its flag byte — intermediate
  96. Detect port scanners in a connection log — intermediate
  97. Validate JWT structure — beginner
  98. Flag a Log4Shell JNDI marker — beginner
  99. Compute a CRC-32 checksum — intermediate
  100. Audit a file mode for risky bits — beginner
  101. Read the machine type from a PE header — intermediate
  102. Base64 encode — intermediate
  103. Dictionary attack against a hash — beginner
  104. Validate PKCS#7 padding — intermediate
  105. Would this write overflow? — beginner
  106. Safe write length — beginner
  107. Index in bounds? — beginner
  108. Is a sub-range valid? — intermediate
  109. strlcpy-style copy — intermediate
  110. strlcat-style append — intermediate
  111. Validate a username — intermediate
  112. Validate an integer in range — intermediate
  113. Overflow-checked multiply — intermediate
  114. Overflow-checked size addition — intermediate
  115. Detect format specifiers in input — intermediate
  116. Count percent signs — beginner
  117. Detect shell metacharacters — intermediate
  118. Allowlist a safe argument — intermediate
  119. Check a return code — beginner
  120. Did every step succeed? — beginner
  121. Ensure NUL termination — intermediate
  122. Safe append position — beginner
  123. Parse a bounded unsigned int — intermediate
  124. Parse a hex byte — intermediate
  125. Is the file-access approach TOCTOU-safe? — intermediate
  126. Does it create atomically? — intermediate
  127. Does it refuse to follow symlinks? — intermediate
  128. Does the path contain ..? — intermediate
  129. Is the password strong enough? — intermediate
  130. Does it contain a special character? — beginner
  131. Detect SQL metacharacters — intermediate
  132. Escape single quotes — intermediate
  133. Bounds-safe byte read for a fuzzer — intermediate
  134. Enough input to parse? — beginner
  135. Constant-time equality — intermediate
  136. Which compare is timing-safe? — beginner
  137. Base64 encoded length — beginner
  138. Valid base64 character? — beginner
  139. Are you authorized to test? — beginner
  140. Is the action ethical? — beginner
  141. Is the target in scope? — beginner
  142. Should you stop? — beginner
  143. Is it a private (RFC1918) address? — intermediate
  144. Is it a safe lab target? — beginner
  145. Extract the request path — intermediate
  146. Suspicious request path? — intermediate
  147. Count 404 responses — intermediate
  148. Count distinct client IPs — advanced
  149. Count failed logins — intermediate
  150. Brute-force threshold reached? — beginner
  151. Does the code call strcpy? — beginner
  152. Count unsafe calls — intermediate
  153. Does the code call system()? — beginner
  154. Safer alternative to system()? — beginner
  155. Does the query use a placeholder? — beginner
  156. Is the query built by concatenation? — beginner
  157. Is the scan target allowed? — beginner
  158. Number of ports to scan — beginner
  159. Is it an ELF file? — intermediate
  160. Is the ELF 64-bit? — intermediate
  161. Parse a labelled /proc field — intermediate
  162. Parent PID from status — beginner
  163. Is the setuid bit set? — intermediate
  164. Is the file world-writable? — intermediate
  165. Is the syscall on the allowlist? — intermediate
  166. Default-deny action — beginner
  167. Minimum-size guard — beginner
  168. Read stays within input? — intermediate
  169. Count open ports in nmap XML — intermediate
  170. Count scanned hosts — beginner
  171. Count accepted logins — beginner
  172. Count invalid-user attempts — beginner
  173. Build a finding block — intermediate
  174. Severity rank — beginner
  175. pcap captured length — intermediate
  176. Read a little-endian uint32 — intermediate
  177. 802.11 frame type — intermediate
  178. 802.11 frame subtype — intermediate
  179. BLE AD structure length — beginner
  180. BLE AD type — beginner
  181. ELF symbol binding — intermediate
  182. ELF symbol type — intermediate
  183. Is it gzip-compressed? — beginner
  184. Identify firmware container — intermediate
  185. Is it an MFT record? — beginner
  186. MFT first-attribute offset — intermediate
  187. Is the directory entry deleted? — beginner
  188. Recover the first character — beginner
  189. Count subdomains — intermediate
  190. Count subdomains of a domain — intermediate
  191. Valid CVE id? — intermediate
  192. Extract the CVE year — intermediate
  193. URL contains an @ ? — beginner
  194. Phishiness score — intermediate
  195. UID bytes to hex — intermediate
  196. Single-size UID? — beginner
  197. Is the canary intact? — beginner
  198. Is it a terminator canary? — intermediate
  199. Total evidence size — beginner
  200. Does the bundle fit? — beginner
  201. Is it a known Kali tool? — beginner
  202. Tool category — beginner
  203. Distinct ports touched — intermediate
  204. Is this a port scan? — beginner
  205. Owner permission bits — intermediate
  206. World-writable file? — intermediate
  207. Object-level authorization: stop IDOR / BOLA — intermediate
  208. Bounds-Safe HTTP Request-Line Parser — intermediate
  209. Flag Sensitive API Endpoints — beginner
  210. BOLA Guard: Allowed-Object Set Check — intermediate
  211. BFLA: Rank-Based Function Authorization — intermediate
  212. BFLA: Role-Action Allowlist Check — intermediate
  213. Mass Assignment: Field Allowlist Guard — beginner
  214. Mass Assignment: Allowlist the Fields a Client May Set — intermediate
  215. JWT Structure Splitter — intermediate
  216. Validate a JWT Segment Charset (base64url) — beginner
  217. Fixed-Window Rate Limiter — intermediate
  218. Token-Bucket Rate Limiter — advanced
  219. Count Unique API Endpoint Paths — intermediate
  220. Normalize an API Request Path Safely — intermediate
  221. Constant-Time CSRF Token Comparison — intermediate
  222. Validate CSRF Token Format — beginner
  223. Detect Missing Security Response Headers — intermediate
  224. Bounds-Safe HTTP Header Line Parser — intermediate
  225. Path Traversal Detector — intermediate
  226. Path Traversal: Stay Within Base — advanced
  227. Audit File Modes for Privilege-Escalation Bits — beginner
  228. Flag Over-Privileged Container Capabilities — intermediate
  229. Zip Slip: Reject Unsafe Archive Entries — intermediate
  230. Zip-Slip Safe Path Join — intermediate
  231. Parse a Dotted-Quad IPv4 Address Safely — intermediate
  232. SSRF Defence: Reject Private IPv4 Ranges — intermediate
  233. CIDR Membership Check: ip_in_cidr — intermediate
  234. Usable Hosts in a CIDR Subnet — beginner
  235. Parse a MAC Address Safely — intermediate
  236. Detect the Broadcast MAC Address — beginner
  237. Classify a TCP/UDP Port Number — beginner
  238. Flag High-Risk Exposed Ports — intermediate
  239. Validate a DNS Hostname Safely — intermediate
  240. Count DNS Labels Safely — beginner
  241. Detect Plaintext Password Storage — intermediate
  242. Validate a bcrypt Hash Structure — intermediate
  243. Defensive Password Strength Meter — intermediate
  244. Banned-Password Denylist Check — beginner
  245. Validate a Canonical SHA-256 Hex Digest — beginner
  246. Constant-Time Digest Comparison — intermediate
  247. Spot the ECB Fingerprint — advanced
  248. Flag Weak Cryptographic Algorithms — beginner
  249. Detect Parameterized vs Concatenated SQL — intermediate
  250. Count SQL Parameter Placeholders — intermediate
  251. Set-Cookie Security-Attribute Auditor — intermediate
  252. Audit a Hardened Session Cookie — beginner
  253. Allowlist Validation for SQL Identifiers — beginner
  254. ORDER BY Column Allowlist — beginner
  255. SSRF Guard: Block Internal IPv4 Ranges — intermediate
  256. SSRF Defense: URL Scheme Allow-List — beginner
  257. Server-Side Access Control: Stop the IDOR — intermediate
  258. Count Owned Objects (IDOR-Safe Access Check) — intermediate