intermediate

OWASP Top 10 & Common Attack Vectors in Python (1-5)

This learning path introduces new graduates to web application security through OWASP Top 10 vulnerabilities (1-5). Using Python, learners practice identifying and fixing common security issues in a simple FastAPI-based web app to build strong, practical skills.

See courses

Verified skills you'll gain

DEVELOPING

Secure Coding Practices and Code Review

DEVELOPING

API and Web Services Security

Tools you'll use

curl

FastAPI

Python

Trusted by learners working at top companies

Turn screen time into skills time

Practice anytime, anywhere with our mobile app.

Earn a shareable

Certificate of Achievement

Course 2

A02: Cryptographic Failures

4 lessons

11 practices

This course explores vulnerabilities caused by improper cryptographic implementations or lack of encryption, leading to sensitive data exposure. You’ll learn how attackers exploit weak cryptography and how to securely protect secrets, passwords, and sensitive information.

See details

Course 3

A03: Injection

4 lessons

15 practices

This course demonstrates how injection flaws occur when untrusted data is used to construct queries or commands, and how parameterization or input validation can mitigate these risks in our pastebin application.

See details

Course 4

A04: Insecure Design

5 lessons

14 practices

This course explores design flaws that lead to security vulnerabilities in our pastebin application—from insecure credential recovery to flawed business logic and missing audit trails.

See details

Course 5

A05: Security Misconfiguration

4 lessons

13 practices

This course highlights configuration errors—from leftover sample endpoints and directory listing to detailed error messages—that can expose the pastebin application to attackers.

See details

From our community

Hear what our customers have to say about CodeSignal Learn

I'm impressed by the quality and can't stop recommending it. It's also a lot of fun!

Francisco Aguilar Meléndez

Data Scientist

+11

I love that it's personalized. When I'm stuck, I don't have to hope my Google searches come out successful. The AI mentor Cosmo knows exactly what I need.

Faith Yim

Software Engineer

+14

It's an amazing product and exceeded my expectations, helping me prepare for my job interviews. Hands-on learning requires you to actually know what you are doing.

Alex Bush

Full Stack Engineer

I'm really impressed by the AI tutor Cosmo's feedback about my code. It's honestly kind of insane to me that it's so targeted and specific.

Abbey Helterbran

Tech consultant

I tried Leetcode but it was too disorganized. CodeSignal covers all the topics I'm interested in and is way more structured.

Jonathan Miller

Senior Machine Learning Engineer

+12

I'm impressed by the quality and can't stop recommending it. It's also a lot of fun!

Francisco Aguilar Meléndez

Data Scientist

+11

From our community

Hear what our customers have to say about CodeSignal Learn

I'm impressed by the quality and can't stop recommending it. It's also a lot of fun!

Francisco Aguilar Meléndez

Data Scientist

+11

I love that it's personalized. When I'm stuck, I don't have to hope my Google searches come out successful. The AI mentor Cosmo knows exactly what I need.

Faith Yim

Software Engineer

+14

It's an amazing product and exceeded my expectations, helping me prepare for my job interviews. Hands-on learning requires you to actually know what you are doing.

Alex Bush

Full Stack Engineer

I'm really impressed by the AI tutor Cosmo's feedback about my code. It's honestly kind of insane to me that it's so targeted and specific.

Abbey Helterbran

Tech consultant

I tried Leetcode but it was too disorganized. CodeSignal covers all the topics I'm interested in and is way more structured.

Jonathan Miller

Senior Machine Learning Engineer

+12

I'm impressed by the quality and can't stop recommending it. It's also a lot of fun!

Francisco Aguilar Meléndez

Data Scientist

+11