Choose Your Level
Pick the difficulty that matches where you are. You can come back and try a harder level later.
Beginner
Patch a Cross-Site Scripting (XSS) Vulnerability
Fix a dangerous form that allows users to inject malicious scripts.
1 to 2 hours 3 criteria
Start this level
Intermediate
Patch a SQL Injection Vulnerability
Rewrite dangerous raw SQL queries using parameterized statements.
2 to 3 hours 3 criteria
Start this level
Advanced
Secure an App against CSRF & Rate Limiting Attacks
Defend a critical API from automated brute-force attacks and cross-site forgery.
3 to 5 hours 3 criteria
Start this level