10 resources for beginners to learn Web hacking 🧵👇

  1. OWASP Juiceshop — Created by Bjoern kimminich

This application contains various vulnerabilities which can be exploited which helps users to understand the methodology and attack scenarios. It’s a simulated environment.

2. OWASP WebGoat:

An insecure web application with existing underlying vulnerabilities which are commonly found in Java-based web applications.

3. Port Swigger Labs:

A web application that provides labs scenarios for each vulnerability type and explaining the defensive measures and offensive mechanisms.

4. Sillydaddy — Creator @sillydadddy

AMA talks with professional bug hunters explaining their journeys into #infosec while sharing their experiences.

5. Beginner’s Web application course — Creator @thecybermentor

Heath is a professional pentester and in this video, he explains various classes of vulnerabilities and their attack scenarios.

6. Hacking Articles: Raj Chandel

This website consists of various topics about web hacking and hacking in general which are also contributed and documented by various authors.

7. Backdoor:

This website contains simulated penetration testing labs and CTF’s challenges

8. Cyber-security Wtf: Author Myo Soe

This website consists of several web hacking challenges and katana Knowledge bases and Attack maps. More like a Capture the flag(CTF) environment.

9. Hacking web applications: Brent White

Documented at Defcon conference 23 which explains the basics of web application hacking and feature testing.

10. Hacker101:

HackerOne provides several descriptive video content about various vulnerabilities which are commonly found during web application testing.

11. InfoSec Community :

A collection of amazing write-ups covering various topics like CTF’s, Bug bounty, Pentesting, etc.

If you guys enjoyed the blog a clap would mean so much to me. It keeps me motivated to post more content on Twitter and in blogs.


Hope this write-up was helpful. Collaboration and networking are something that I have always enjoyed. Let’s connect

Twitter -


Linkedin —

Happy hacking !!!

If you have reached this far, thank you for reading this article. Kindly feel free to point out any mistakes and do let me know where I can improve in writing and explaining in detail. Appreciate it!!. All the best. God bless.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Bala Praneeth (Begin_hunt)

Bala Praneeth (Begin_hunt)


Graduate Student | Passionate about Information Security | Web Application Security enthusiast | Self-motivated