OWASP Top 10 & Common Attack Vectors in Python (1-5) | CodeSignal Learn
intermediate
OWASP Top 10 & Common Attack Vectors in Python (1-5)
Application Security
5 courses
71 practices
10 hours
This learning path introduces new graduates to web application security through OWASP Top 10 vulnerabilities (1-5). Using Python, learners practice identifying and fixing common security issues in a simple FastAPI-based web app to build strong, practical skills.
Earn a shareable Certificate of Achievement
Verified skills you'll gain
API and Web Services Security (Developing)
Secure Coding Practices and Code Review (Developing)
Tools you'll use
curl
FastAPI
Python
Course 1
A01: Broken Access Control
5 lessons
18 practices
This course addresses flaws where improper enforcement of access restrictions allows unauthorized users to access or modify sensitive data or functionality, such as paste snippets or administrative pages, due to unverified input or missing role checks.
Course 2
A02: Cryptographic Failures
4 lessons
11 practices
This course explores vulnerabilities caused by improper cryptographic implementations or lack of encryption, leading to sensitive data exposure. You’ll learn how attackers exploit weak cryptography and how to securely protect secrets, passwords, and sensitive information.
Course 3
A03: Injection
4 lessons
15 practices
This course demonstrates how injection flaws occur when untrusted data is used to construct queries or commands, and how parameterization or input validation can mitigate these risks in our pastebin application.
Course 4
A04: Insecure Design
5 lessons
14 practices
This course explores design flaws that lead to security vulnerabilities in our pastebin application—from insecure credential recovery to flawed business logic and missing audit trails.
Course 5
A05: Security Misconfiguration
4 lessons
13 practices
This course highlights configuration errors—from leftover sample endpoints and directory listing to detailed error messages—that can expose the pastebin application to attackers.
Copyright © 2025 CodeSignal