Overview#
PortSwigger Web Security Academy is widely considered the definitive free resource for web application security. Built by the team behind Burp Suite, it covers every major vulnerability class — SQL injection, XSS, SSRF, XXE, deserialization, OAuth flaws, and more — with clear explanations followed by interactive labs you exploit directly in the browser. Essential for anyone pursuing web pentesting or a bug bounty program.
Details#
- Cost: Free
- Skill Level: Beginner → Advanced
- Focus: Web application security, OWASP Top 10, advanced web attacks, Burp Suite usage
- Link: portswigger.net/web-security