Python for Security // HackWithZach

Stop watching Python tutorials.
Start building security tools.

A hands-on course where you write a working security tool in every lesson. It runs in your browser and installs on your phone, no setup, no environment hell. Every lesson is a mission: clear the checks, earn XP, and rank up from Recruit to Architect. Built to win the fight against your phone, not lose it.

Get instant access $97 one time, lifetime access
iPhone, Android, and desktop. Nothing to install. Real Python, in the browser.
lesson_09 · brute_force_detector.py
# count failed logins per IP, alert past the threshold
from collections import Counter
fails = re.findall(r"Failed password .* from (\d+\.\d+\.\d+\.\d+)", log)
for ip, n in Counter(fails).most_common():
    if n >= THRESHOLD:
        print(f"[ALERT] brute force from {ip} ({n} fails)")

>>> [ALERT] brute force from 45.33.12.1 (14 fails)
PASS // +150 XP · rank up: OPERATOR
The problem

Most Python courses make you build a to-do app. Then you quit.

Generic courses teach syntax in a vacuum. You grind through variables and loops with examples that have nothing to do with the work you actually want to do. By the time anything feels relevant, the momentum is gone and the tab is closed.

Security work does not look like a calculator app. It looks like parsing a messy log, fingerprinting a file, flagging a brute-force attempt, pulling threat intel on an IP, and breaking weak crypto. So that is what you build here, from the very first module.

The approach

Built, not lectured.

01

A tool every lesson

You learn the concept, then immediately use it to build something a security analyst would actually run. No filler projects.

02

Runs anywhere, instantly

The whole course is a live Python environment in your browser. Hit Run, see output. Add it to your home screen and it works like an app.

03

It checks your work

Every exercise runs your code and returns PASS or FAIL, the way real tests do. You always know if you got it right.

What you walk away with

Twelve modules. A toolkit you built yourself.

The path goes from print() to a working triage engine and a cloud security pipeline, security-first the whole way. By the end you have written:

01A password auditorRules, loops, and a clear verdict on weak credentials.
02A hashing toolkitFingerprint files and strings with md5, sha1, sha256.
03A log parserTurn ugly log lines into structured records with regex.
04An IOC collectorDedupe and rank indicators of compromise at scale.
05A threat-intel clientMake live API calls to look up and enrich an IP address.
06A cipher breakerBrute force a weak cipher and recover the message.
07A port scannerReal socket code, plus a simulated lab inside the course.
08A brute-force detectorThresholds and counting that turn logs into alerts.
09A mini log-triage SIEMIngest, parse, enrich, score, and alert.
10A cloud DevSecOps pipeline on AWSThe finale. Deploy a broken AWS stack, scan it with Python for the misconfigs that get people owned, then fix every hole with a hardened Terraform baseline.
How it works

No install. No setup. No excuses.

Real Python in the browser

The runtime loads once through WebAssembly. You are running genuine Python, not a watered-down simulation.

Installs like an app

Open the link, add to home screen on iPhone or Android, and it launches full screen and works offline.

Your progress is saved

Completed lessons and exercises are tracked on your device, so you can pick up where you left off.

Lifetime access and updates

Buy once. New lessons and fixes land at no extra cost.

One honest note. Tools that need raw network access, like the port scanner, ship as code you run on your own machine, with a simulated lab inside the course. A browser cannot open raw sockets, and I am not going to fake that and call it a feature.
Built to beat the scroll

It competes with your phone. And wins.

Most learning apps lose to the group chat and the feed. This one borrows the same loops that keep you scrolling and points them at something useful. Clear a lesson, watch the XP land, climb the ranks. You are not grinding through a course, you are running ops.

Recruit Analyst Operator Threat Hunter Red Team Architect

XP for every win

Pass a check, earn XP. First-try clears pay more. Your rank climbs as your skill does, from Recruit all the way to Architect.

Daily streaks

Come back, keep the chain alive. Ten focused minutes a day beats one heroic session you never repeat.

Ops badges

Unlock badges for real milestones: first blood, clean first-try runs, clearing the crypto and detection ops.

1ST x5 CRY

A clearance certificate

Finish the course and earn a shareable certificate stamped with your callsign and final rank. Proof you built it, not watched it.

Fit check

Who this is for.

This is for you if

  • You are starting from zero and want a security-focused on-ramp
  • You work in IT and are moving into security
  • You can read code but freeze when it is time to write it
  • You are tired of theory and want to build something real today

This is not for you if

  • You want a certificate without doing the work
  • You want a passive video course to watch at 2x and forget
  • You are already shipping Python security tooling daily
  • You are not willing to type a single line yourself
Who built this

From someone who does the work.

Built by Zach Marcy. Two decades in IT, six years in cybersecurity, working as a senior security architect. He teaches cloud, AI, and API security through real projects at HackWithZach. The teaching method here is the same one he uses on real systems: build it small, secure it, then break it yourself.

The offer

Start building today.

Python for Security

  • 12 modules, ~36 hands-on lessons
  • A live in-browser Python environment, nothing to install
  • Auto-graded exercises with instant PASS or FAIL
  • XP, six ranks, daily streaks, and ops badges
  • A clearance certificate when you finish
  • Installs on iPhone, Android, and desktop
  • Progress and rank saved on your device
  • Lifetime access and free updates
$97 one-time payment · instant access
Get instant access
Simple guarantee. Go through the first three modules. If you have not written a working security tool with your own hands, email me and I will refund you. No forms, no friction.
Where this leads

This is the on-ramp, not the whole journey. Once you can write tools in Python, the next step is securing the systems everyone is now building on AI. That is what the AI Security Engineer course covers, and Python for Security is where it starts.

Questions

Straight answers.

Do I need any programming experience?
No. Module 0 starts at print() and assumes nothing. If you already have experience, skip ahead to the modules that matter to you.
Does it really run on my phone?
Yes. Open it in your browser, add it to your home screen, and it runs like an app on iPhone and Android. No app store needed.
Do I need to install Python or anything else?
No. The Python runtime loads in your browser the first time you hit Run, then it is cached. The first Run takes a few seconds, everything after is instant.
Can a browser actually run Python?
Yes, through WebAssembly. You are running real Python with the standard library, not a simulation or a quiz.
What about the port scanner and other network tools?
Browsers block raw sockets for security reasons. So those ship as code you run on your own machine, with a simulated lab inside the course so you still see the logic work. Honest beats flashy.
Is my progress saved?
Yes, on your device. Your XP, rank, streak, badges, and completed lessons all persist, so you pick up exactly where you left off.
What is the refund policy?
Go through the first three modules. If you have not written a working tool, email me and I will refund you.

Built beats perfect.

Pick the on-ramp. Write your first security tool today.

Get Python for Security · $97
$97 · lifetime access Get access
Access your course