PwnBot is a fun game to emphasize the importance of locking your computer. An unlocked computer can be used to access accounts, retrieve passwords and install malicious software to compromise entire organizations.
It doesn't matter how strong your lock is if you leave the front door open
PwnBot rewards a point to a person who calls it on someone else's unlocked computer, while taking away points from the person who left their computer unlocked. The score board is visible to everyone, not getting got is the incentive. This also removes the stigma of locking someone else's computer, so any unlocked computer will not stay that way for long.
This Slack Application is provided for free with no uptime or SLA guarantees. Enjoy
You call PwnBot in Slack on someone else's unlocked computer with /pwn @<your_name>, this will give you a point. The aim is to get points while not getting got.
Check the scoreboard with /pwn which lists who has be PWNed the most and who has the most PWNS.
PwnBot runs as a Lambda function backed by DynamoDB, called via API gateway. This is defined as a GeoEngineer project in resources/pwnbot.rb. To create these resources you will need to use AWS SAM.
- Coinbase Director of Security describing PwnBot on Software Engineering Daily