Inspiration
Over the summer, we saw multiple “vibe-coded” projects get hacked and leak massive amounts of data publicly. That made us realize two things: first, we wanted to ensure our own vibe-coded projects could be secure even with limited cybersecurity knowledge; and second, we wanted a tool that would actively help us learn cybersecurity as we build. This led to Sonder — an agent designed to both test and teach security, using the excellent learning resources from Pwn.college.
What it does
Sonder is an autonomous penetration-testing agent equipped with its own custom tools. It can analyze applications, probe for vulnerabilities, and attempt exploitation in a controlled environment.
Beyond testing, Sonder can switch into a teaching mode. While you complete Pwn.college Dojos, Sonder guides you step-by-step, explains concepts, and aligns you toward the optimal solution rather than simply giving answers. Your progress is saved locally, allowing you to track what you’ve completed and how far you’ve progressed.
How we built it
We forked the OpenCode repository to start from a high-quality open-source agent foundation. We then integrated a custom backend running on Daytona to dynamically spawn virtual machines for Dojo environments.
To improve reliability and reduce hallucinations, we augmented the agent with a custom knowledge graph using Zep, Graphiti MCP, and FalkorDB. This helps steer the model’s reasoning toward cybersecurity concepts, enforce safer behaviors, and block malicious or out-of-scope actions.
Challenges we ran into
• Designing a backend capable of reliably spawning and managing many isolated Dojo environments
• Steering the LLM toward cybersecurity-specific reasoning without over-constraining it
• Preventing hallucinations while still keeping the agent flexible and creative
• Balancing automation with safety so exploits only occur in intended environments
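One way to enforce that last point (and the out-of-scope blocking described under "How we built it"), as an added Python example that is not Sonder's own code: a deny-by-default guard that checks every proposed tool call against the session's sandbox range before it is executed. The tool names, hostname suffixes and network ranges are assumptions.

```python
"""Per-session scope guard for an agent's tool calls (added illustration, not
Sonder's code). Assumes each Dojo session gets a sandbox network range
(constructed values below) and every tool call carries its raw command text."""
import ipaddress
import re
from dataclasses import dataclass, field

# Hypothetical tool names that must always name an explicit in-scope target.
NETWORK_TOOLS = {"port_scan", "http_request"}

# Dotted IPv4 addresses and lab-style hostnames (*.dojo, *.local), optional :port.
# Deliberately narrow: names it does not recognise are not caught here, so the
# sandbox VM's egress rules stay the primary control and this guard is a second layer.
TARGET_RE = re.compile(
    r"(?<![\w.])((?:\d{1,3}\.){3}\d{1,3}|[a-z0-9-]+(?:\.[a-z0-9-]+)*\.(?:dojo|local))(?::\d+)?",
    re.IGNORECASE,
)

@dataclass
class SessionScope:
    session_id: str
    allowed_nets: list                      # ipaddress networks this session may touch
    allowed_hosts: set = field(default_factory=set)

    def permits(self, target: str) -> bool:
        if target.lower() in self.allowed_hosts:
            return True
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:
            return False                    # unrecognised hostname: deny by default
        return any(addr in net for net in self.allowed_nets)

def make_scope(session_id, cidrs, hosts=()):
    return SessionScope(session_id, [ipaddress.ip_network(c) for c in cidrs], {h.lower() for h in hosts})

def extract_targets(command: str) -> set:
    return {m.group(1) for m in TARGET_RE.finditer(command)}

def check_tool_call(scope: SessionScope, tool: str, command: str):
    """Deny-by-default: any out-of-scope host blocks the call; network tools need a target."""
    targets = extract_targets(command)
    if tool in NETWORK_TOOLS and not targets:
        return False, "network tool without an explicit in-scope target"
    blocked = sorted(t for t in targets if not scope.permits(t))
    if blocked:
        return False, "out-of-scope target(s): " + ", ".join(blocked)
    return True, "ok"
```

Every denial carries a reason string, so the same check doubles as an audit log of what the agent tried to reach outside its lab.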
Accomplishments that we're proud of
• Built an autonomous pentesting agent that also functions as a tutor
• Integrated dynamic VM spawning for hands-on security exercises
• Implemented a knowledge-graph–driven reasoning layer to reduce hallucinations
• Created a system that lowers the barrier to learning practical cybersecurity
What we learned
We learned how to orchestrate containers and virtual machines at scale for interactive security labs. We also gained hands-on experience in steering LLM context toward domain expertise using knowledge graphs and retrieval systems.
What's next for Sonder
We plan to continue developing Sonder as a side project to help vibe-coders and computer science students gain an adversarial edge in cybersecurity. Future directions include more advanced exploit chains, team-based training modes, and deeper integrations with learning platforms.
Built With
- bun
- opencode
- rust
- zep