10 resources for beginners to learn Web hacking 🧵👇

3 min readDec 13, 2021

OWASP Juiceshop — Created by Bjoern kimminich

This application contains various vulnerabilities which can be exploited which helps users to understand the methodology and attack scenarios. It’s a simulated environment.

OWASP Juice Shop

OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security…

owasp.org

2. OWASP WebGoat:

An insecure web application with existing underlying vulnerabilities which are commonly found in Java-based web applications.

OWASP WebGoat

WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities…

owasp.org

3. Port Swigger Labs:

A web application that provides labs scenarios for each vulnerability type and explaining the defensive measures and offensive mechanisms.

All labs | Web Security Academy

SQL injection Cross-site scripting Cross-site request forgery (CSRF) Clickjacking DOM-based vulnerabilities…

portswigger.net

4. Sillydaddy — Creator @sillydadddy

AMA talks with professional bug hunters explaining their journeys into #infosec while sharing their experiences.

Infosec AMA

Daddy pig's Infosec Musings !

www.sillydaddy.me

5. Beginner’s Web application course — Creator @thecybermentor

Heath is a professional pentester and in this video, he explains various classes of vulnerabilities and their attack scenarios.

6. Hacking Articles: Raj Chandel

This website consists of various topics about web hacking and hacking in general which are also contributed and documented by various authors.

Hacking Articles

Hacking Articles is a comprehensive source of information on cyber security, ethical hacking, penetration testing, and…

www.hackingarticles.in

7. Backdoor:

This website contains simulated penetration testing labs and CTF’s challenges

Backdoor by SDSLabs

Platform for Computer Security Challenges

backdoor.sdslabs.co

8. Cyber-security Wtf: Author Myo Soe

This website consists of several web hacking challenges and katana Knowledge bases and Attack maps. More like a Capture the flag(CTF) environment.

9. Hacking web applications: Brent White

Documented at Defcon conference 23 which explains the basics of web application hacking and feature testing.

10. Hacker101:

HackerOne provides several descriptive video content about various vulnerabilities which are commonly found during web application testing.

Web Hacking

Hacker101 is a free class for web security. Whether you're a programmer with an interest in bug bounties or a seasoned…

www.hacker101.com

11. InfoSec Community :

A collection of amazing write-ups covering various topics like CTF’s, Bug bounty, Pentesting, etc.

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub…

infosecwriteups.com

If you guys enjoyed the blog a clap would mean so much to me. It keeps me motivated to post more content on Twitter and in blogs.

Networking-

Hope this write-up was helpful. Collaboration and networking are something that I have always enjoyed. Let’s connect

Twitter -

https://twitter.com/Begin_hunt

Linkedin —

Bala Praneeth Reddy - Sacred heart high school - Charlotte, North Carolina, United States |…

A person who strives to improve and develop new skills, passionate about latest technologies. Always accepts change and…

www.linkedin.com

Happy hacking !!!

If you have reached this far, thank you for reading this article. Kindly feel free to point out any mistakes and do let me know where I can improve in writing and explaining in detail. Appreciate it!!. All the best. God bless.