OWASP Top 10 & Common Attack Vectors with TypeScript (1-5) | CodeSignal Learn

intermediate

OWASP Top 10 & Common Attack Vectors with TypeScript (1-5)

Application Security

5 courses

68 practices

10 hours

This learning path introduces new graduates to web application security through OWASP Top 10 vulnerabilities (1–5). Using TypeScript, learners practice identifying and fixing common security issues in a simple web app to build strong, practical skills.

See courses

Earn a shareable

Certificate of Achievement

Verified skills you'll gain

DEVELOPING

Secure Coding Practices and Code Review

DEVELOPING

API and Web Services Security

Tools you'll use

curl

Express.js

TypeScript

Trusted by learners working at top companies

Course 1

A01: Broken Access Control

5 lessons

17 practices

This course addresses flaws where improper enforcement of access restrictions allows unauthorized users to access or modify sensitive data or functionality, such as paste snippets or administrative pages, due to unverified input or missing role checks.

See details

Course 2

A02: Cryptographic Failures

4 lessons

11 practices

This course explores vulnerabilities caused by improper cryptographic implementations or lack of encryption, leading to sensitive data exposure. You’ll learn how attackers exploit weak cryptography and how to securely protect secrets, passwords, and sensitive information.

See details

Course 3

A03: Injection

4 lessons

14 practices

This course demonstrates how injection flaws occur when untrusted data is used to construct queries or commands, and how parameterization or input validation can mitigate these risks in our pastebin application.

See details

Course 4

A04: Insecure Design

5 lessons

14 practices

This course explores design flaws that lead to security vulnerabilities in our pastebin application—from insecure credential recovery to flawed business logic and missing audit trails.

See details

Course 5

A05: Security Misconfiguration

4 lessons

12 practices

This course highlights configuration errors—from leftover sample endpoints and directory listing to detailed error messages —that can expose the pastebin application to attackers.

See details

Meet Cosmo:

The smartest AI guide in the universe

Our built-in AI guide and tutor, Cosmo, prompts you with challenges that are built just for you and unblocks you when you get stuck.

From our community

Hear what our customers have to say about CodeSignal Learn

I'm impressed by the quality and can't stop recommending it. It's also a lot of fun!

Francisco Aguilar Meléndez

Data Scientist

+11

I love that it's personalized. When I'm stuck, I don't have to hope my Google searches come out successful. The AI mentor Cosmo knows exactly what I need.

Faith Yim

Software Engineer

+14

It's an amazing product and exceeded my expectations, helping me prepare for my job interviews. Hands-on learning requires you to actually know what you are doing.