CSOonline

Learn to play defense by hacking these broken web apps

The best way to learn to play defense is to play offense, and the OWASP Broken Web Applications Project makes it easy for application developers, novice penetration testers, and security-curious ...
Dark Reading

The Hitchhiker's Guide to Web App Pen Testing

Six months ago, I started my own journey learning web app penetration testing from scratch. Several people have asked me to compile these resources into one compendium aimed at those with little or no ...