eLearning Path


Here is a possible step-by-step approach for self-studying web application security based on existing free resources:

  1. Explore a simple demo/example site online
    • Simple online apps from OWASP VWAD
    • Simple examples in https://github.com/joe-shenouda/awesome-cyber-skills
    • Simple examples in https://apsdehal.in/awesome-ctf/
  2. Use a lecture-based training application and go through its (simple) lessons
    • Security Shepherd
    • WebGoat
  3. Read details on vulnerabilities and countermeasures, e.g., for XSS
    • First https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
    • Followed by https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
  4. Use a vuln-by-vuln training application
    • DVWA
  5. Use a realistic vulnerable application
    • Juice Shop
  6. Read a good book on the topic
    • Web Application Hacker’s Handbook
