Uncertain Times — Infosec's here to help. Learn about remote testing and other COVID-19 resources.

Python Code Security Cyber Range

Gain practical experience and develop your secure Python coding skills through 10 hands-on labs in the Python Code Security Cyber Range.

10 labs  //  2 hours of training

Free training week — 600+ on-demand courses and hands-on labs

Python Code Security Cyber Range overview

This cyber range helps you develop your knowledge in finding and remediating vulnerabilities in Python code. You’ll build and reinforce your skills as you progress through labs covering a wide range of Python code security topics, including using Bandit, PyT and other tools to find common security issues in Python code, perform taint and control flow analysis, and recognize vulnerabilities that can lead to common application attacks, such as cross-site scripting or XPath injection. You will also practice identifying supply chain vulnerabilities, unsafe deserialization and other risks.

Labs

Introduction to Python Bandit
Lab
Introduction to Python Bandit

Introduction to Python Bandit

Python bandit is one of the most commonly used Python linters and static analysis tools. This lab introduces the use of bandit for analysis of Python code.

Duration: 13:00

Introduction to Python Control Flow Analysis
Lab
Introduction to Python Control Flow Analysis

Introduction to Python Control Flow Analysis

Control flow analysis is useful for identifying mistakes or unexpected flows in a program. This lab demonstrates the use of staticfg for control flow analysis in Python.

Duration: 11:00

Command Injection in Python
Lab
Command Injection in Python

Command Injection in Python

A command injection vulnerability enables an attacker to run malicious code on the system where an application is running. This lab demonstrates how to identify, exploit and mitigate these vulnerabilities in Python.

Duration: 13:00

XPath Injection in Python
Lab
XPath Injection in Python

XPath Injection in Python

XPath is a programming language for extracting data from XML files; however, it is vulnerable to injection attacks. This lab demonstrates vulnerable code and how to exploit and remediate it.

Duration: 15:00

XML Attacks in Python
Lab
XML Attacks in Python

XML Attacks in Python

XML is a useful method for storing structured data, but code parsing it can be vulnerable to a number of attacks. This lab demonstrates some of the ways that different XML parsing functions can be exploited in Python.

Duration: 12:00

Race Conditions in Python
Lab
Race Conditions in Python

Race Conditions in Python

Race condition vulnerabilities exist when the proper operation of a program depends upon operations being run sequentially back-to-back. This lab demonstrates how to identify, exploit and remediate these vulnerabilities.

Duration: 14:00

Cross-Site Scripting in Python
Lab
Cross-Site Scripting in Python

Cross-Site Scripting in Python

Cross-site-scripting (XSS) is one of the most common web application vulnerabilities in existence. This lab demonstrates how to identify, exploit and remediate XSS vulnerabilities in Flask web applications.

Duration: 16:00

Cross-Site Request Forgery in Python
Lab
Cross-Site Request Forgery in Python

Cross-Site Request Forgery in Python

Cross-site request forgery (CSRF) vulnerabilities allow an attacker to force unauthorized actions to be taken on an authenticated user’s account. This lab demonstrates how to identify, exploit and remediate these vulnerabilities in Python code.

Duration: 11:00

Supply Chain Vulnerabilities in Python
Lab
Supply Chain Vulnerabilities in Python

Supply Chain Vulnerabilities in Python

Very few applications are designed to be completely standalone, and a program’s dependencies can introduce vulnerabilities. This lab demonstrates the use of tools for identifying potential supply chain vulnerabilities in Python programs.

Duration: 12:00

Unsafe Deserialization in Python
Lab
Unsafe Deserialization in Python

Unsafe Deserialization in Python

Serialization is helpful for making Python objects and data writable to files and transferrable over the network. This lab demonstrates how some serialization options can be vulnerable to exploitation in Python and how to securely serialize data.

Duration: 14:00

 

Plans and pricing

Personal

$299

Annually

Teams

$599 / license

Annually. Includes all content plus team admin and reporting.

Award-winning training that you can trust

Infosec Skills

Best IT Security-related Training Program

Infosec and Infosec Skills

Best Cybersecurity Education Provider and Best Security Education Platform

Infosec Skills

Most Innovative Product

Infosec Skills

Cyber Security Education and Training

Infosec Skills

Exceptional learning experiences powered by LX Labs cyber expertise

Infosec Skills courses and labs are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet all Infosec Skills training resources to guarantee they meet certification and compliance requirements and align with recognized guidelines like the NICE Cybersecurity Workforce Framework.

LX Labs