← Dashboard

cybersecurity / web security

Web Application Security, Free

The web is the biggest attack surface there is — which makes web security one of the most valuable skills in the field. Learn the risks, then practice exploiting and fixing them in the best free lab anywhere. All resources current.

updated jul 2026·2 tracks·all free

Almost every organization runs web apps, and almost every web app has bugs — SQL injection, XSS, broken access control. Web security is learning to find and fix them. The path is well-worn: learn the standard vocabulary of risks (OWASP), practice hands-on in a world-class free lab (PortSwigger), and keep the secure-coding cheat sheets handy. Only test targets you own or are authorized to assess.

01 · LEARN & PRACTICE

The risks & the lab

The shared vocabulary, plus the best hands-on training anywhere.

02 · BUILD SECURE

Secure-coding reference

How to prevent the bugs, not just find them.