Welcome to the Secure coding with python course. In this repository you will find a series of branches for each step of the development of a sample marketplace application. In such a development, we will be making security mistakes and introducing vulnerabilities, we will add tests for them and finally fixing them.
The branches will have the following naming scheme for easier navigation: {Chapter number}-{Chapter Name}/{code|test|fix}. I encourage you to follow the chapters in order, but you can also skip to the specific one you wish to review.
For this course we will be using Python3, Flask and PostgreSQL.
In order to run the code we will set up a virtual environment using pyenv and pyenv-virtualenv. Please refer to each repo for installation instructions.
We create our environment with:
> pyenv virtualenv 3.7.4 sec-coding-marketplace
and we enable it with:
> pyenv shell sec-coding-marketplace
Proceed to next section
- 2.1-sql-injection/code
- 2.1-sql-injection/test
- 2.1-sql-injection/fix
- 2.2-sql-injection/test
- 2.2-sql-injection/fix
- 2.3-sql-injection/fix
- 3.1-weak-password-storage/code
- 3.1-weak-password-storage/fix
- 3.2-weak-password-storage/test
- 3.2-weak-password-storage/fix