Practice Mode
Practice Mode presents code review challenges where you identify vulnerable code and select the correct fix. Available across 70+ vulnerability types in multiple languages.
How It Works
Each challenge follows a two-phase system designed to test both your vulnerability detection and remediation skills:
Phase 1 — Find the Vulnerability
Read through a code snippet and identify which block contains the security vulnerability. Click the correct block among several highlighted options to advance.
Phase 2 — Select the Fix
Once you identify the vulnerability, choose the correct fix from multiple options. Each option looks plausible, but only one properly addresses the security issue.
Challenge Interface
Here's what a typical code review challenge looks like:
Choosing Your Language
Each topic has challenges in multiple programming languages. Your stack preference determines which language is shown by default — backend developers see Python, Java, or Go challenges, while frontend developers see React, Vue, or Angular.
You can switch languages at any time using the language selector. Your preference is saved so you always see challenges in your preferred stack first.
Using Hints
Each phase has a hint button. Using a hint reduces your score for that phase from 50 XP to 25 XP. Hints provide targeted guidance without giving away the answer — they point you in the right direction while still requiring you to think critically.
Hints are optional and you can complete any challenge without them. They are especially helpful when you encounter an unfamiliar vulnerability type for the first time.
Scoring & XP
Your score for each challenge depends on whether you use hints:
| Action | XP |
|---|---|
| Phase 1 correct (no hint) | 50 XP |
| Phase 1 correct (with hint) | 25 XP |
| Phase 2 correct (no hint) | 50 XP |
| Phase 2 correct (with hint) | 25 XP |
| Maximum per challenge | 100 XP |
Challenge Completion
After completing both phases, you see a score breakdown: