< Supported Vulnerabilities />

Did you know that 85% of all software security exploits are attributed to just 10 known vulnerabilities? These security risks are identified and ranked in the OWASP Top 10.

Secure Code Warrior’s learning content includes over 5,500 challenges and missions covering over 147 different vulnerability types, including the all-important OWASP Top 10, OWASP Mobile Top 10, OWASP API Security Top 10 and CWE/SANS Top 25. Our challenges are continuously revised and updated to include new programming frameworks, as well as new vulnerability types.

We are proud to offer the most comprehensive secure code training, with available challenge content spanning everything from Java, Node.js, C# and React, to legacy languages like COBOL and the ultra-modern GO lang. See our Supported Languages for the full list.

Challenge me now

Supported Vulnerabilties

Authentication & Access Control

Access Control
Cross-Site Request Forgery
Session Handling
Improper Session Handling
Insecure Authentication
Insecure Authorization

Data Handling

Cross-Site Scripting (XSS)
Denial of Service
File Upload Vulnerability
Injection Flaws
Memory Corruption
Unvalidated Redirects & Forwards
Unintended Data Leakage

Insecure Development Practices

Business Logic
Information Exposure
Side Channel Vulnerabilty
Insufficient Logging & Monitoring
Vulnerable Components
Broken Cryptography
Client Side Injection
Insufficient Transport Layer Protection
Lack of Binary Protections
Improper Platform Usage
Client Code Quality
Code Tampering
Code Tampering
Extraneous Functionality
Server-Side Request Forgery

Sensitive Data Protection

Insecure Cryptography
Insufficient Transport Layer Protection
Sensitive Data Storage
Insecure Data Storage

Security Misconfiguration

Security Misconfiguration