Static Analysis
If you like applying Static Analysis, every challenge here gives you a chance to practice it on a real industry brief.
- CodeIntermediateNew
Build a Secure-Coding Linter Ruleset for a Backend Team
Receive the last 12 security-review findings, 3 representative repos (Node.js + TypeScript), and access to a CI pipeline (GitHub Actions). Build a custom Semgrep ruleset (or ESL…
- Secure Coding
- Static Analysis
- Semgrep
Introduction to Computer Security - CodeAdvancedNew
Build a Dataflow-Based Dead-Code Detector for a Python Monorepo
Build a Python tool using libcst (or ast + jedi) that constructs a call graph across the monorepo. Account for indirect references (entry points in setup.py / pyproject.toml, dy…
- Dataflow Analysis
- Ast
- Call Graph
Program Analysis - CodeAdvancedNew
Build a CodeQL Query Pack to Catch Logging-of-PII
Use CodeQL to write queries for Java and Python that detect data flow from PII sources (request parameters, database columns marked PII, user-profile fields) into logging sinks …
- Static Analysis
- Codeql
- Data Flow Analysis
Program Analysis - AnalysisIntermediateNew
Code-Smell Triage Workshop for a Hiring-Platform Backend
Run static analysis (SonarQube + a custom ruleset for domain-specific smells) on the four most-touched services. Score each smell on the 22-item Fowler catalog by occurrence cou…
- Code Smells
- Static Analysis
- Refactoring Prioritization
Refactoring and Code Smell Detection Practice your coursework on real scenarios.
Every challenge is shaped from real industry context — not generic exercises. The work mirrors what your degree prepares you for.
Why Ewance
- AnalysisAdvancedNew
Build a Technical Debt Register for a Legacy Banking Monolith
Run 8 structured 45-minute engineer interviews (template provided) capturing one debt item per pain point with reproducible evidence. Run SonarQube against the monolith for a qu…
- Technical Debt
- Debt Quadrant
- Code Quality
Technical Debt Management - CodeExpertNew
Abstract-Interpretation-Based Configuration Validator for a SaaS Platform
Define an abstract domain capturing relations between configuration fields (e.g. 'if billing.plan = enterprise then features.audit_log = true'). Implement an abstract-interpreta…
- Abstract Interpretation
- Static Analysis
- Rust Programming
Program Analysis - CodeExpertNew
Build a Symbolic-Execution-Based Test Generator for a Library
Pick KLEE for the symbolic-execution engine. Build LLVM bitcode for the library's C99 build target. Define symbolic inputs for the public parsing API (date strings up to 32 char…
- Symbolic Execution
- Klee
- Test Generation
Program Analysis - StrategyIntermediateNew
Code Review Bootcamp for an Early-Stage Mobile Team
Read the team's last 100 merged PRs (export provided) and tag the 10 worst review threads (rubber-stamp, bikeshed, missing context). Draft a 4-page code-review guideline coverin…
- Code Review
- Team Coaching
- Process Design
Software Construction - Browse challenges
Explore role
Product Manager
Ship product that solves real user problems. Combine user research, prototyping, and stakeholder alignment to turn ambiguous briefs into measurable wins — the role at the centre of modern software teams.
- AnalysisAdvancedNew
Apply the SQALE Method to a Telecom OSS Codebase
Configure SonarQube's quality profiles to match the SQALE model's 8 characteristics (testability, reliability, changeability, efficiency, security, maintainability, portability,…
- Sqale Method
- Technical Debt
- Code Quality
Technical Debt Management - DesignExpertNew
Migrate a 600K-LOC Monolith to a Modular Monolith
Run static dependency analysis on the monolith (using Packwerk + custom Ruby AST scripts, both available) to surface the current implicit modules and the worst cross-module depe…
- Large Scale Codebases
- Modular Monolith
- Static Analysis
Advanced Software Engineering - CodeExpertNew
Detect Use-After-Free with Pointer Analysis in a C++ Codebase
Build the codebase with compilation database (compile_commands.json). Write a custom Clang static-analyzer checker (or extend an existing one) that flags resource-handle uses af…
- Pointer Analysis
- Static Analysis
- Use After Free
Program Analysis - CodeIntermediateNew
Replace Raw Pointers with Smart Pointers in a Game-Engine Module
Audit the 18k-line module for raw-pointer ownership patterns (owning, borrowing, shared). Refactor in 4 phases: (1) introduce unique_ptr for clearly-owning sites, (2) shared_ptr…
- Cpp Programming
- Manual Memory Management
- Pointers
Imperative and Low-Level Programming Build a verifiable portfolio.
Submissions become evidence. Reviewers with shipping experience score against a rubric; the result becomes a credential anyone can verify.
Why Ewance
How it works
From brief to credential, in six steps.
Step 01
Browse challenges aligned to your studies.
Step 02
Accept the one that fits your goals.
Step 03
Work through it with AI Copilot guidance.
Step 04
Submit for structured evaluation.
Step 05
Earn a verified credential.
Step 06
Add it to LinkedIn with one click.
Industry teams behind a decade of practitioner briefs
Hiring from this pool?
Sponsor a challenge and meet candidates through actual work.
Industry teams can shape briefs around the skills they hire for, then evaluate students on rubric-scored deliverables — not resumes.