
Ask HN: Best online resources for learning web security - TXV
I find myself rather lacking in web security skills. I have a basic understanding of what TLS&#x2F;certs&#x2F;CAs&#x2F;... are, gotten mainly from Wikipedia and blog articles but I often don&#x27;t know how to make it all work together. What do you think is the best comprehensive online (free) resource to learn the ropes?
======
ergot
There's a fairly comprehensive list here:

[https://github.com/sbilly/awesome-
security](https://github.com/sbilly/awesome-security)

------
FullMtlAlcoholc
Try [https://reddit.com/liveoverflow](https://reddit.com/liveoverflow) and
[https://fsecurify.com](https://fsecurify.com)

------
demonshreder
[https://hackthissite.org](https://hackthissite.org)

------
cypherg
There isn't a single reputable one that I know of.

------
csnewb
Try searching for a pdf of the "Web Application Hacker's Handbook".

~~~
grzm
Is the PDF legally available online? The sources I see don't appear to be.

~~~
csnewb
I don't think it is legally available online. Getting the physical book would
be the best option since its legal and more thorough than any online resource
I've found, but I don't know what your budget is like or if you even like
reading books. Just saying that its one option you have.

~~~
phaus
In about 30 seconds I found several places to get it as an ebook, and at least
3 that have PDFs.

O'Reilly's a good place to buy from.

------
hnhnic
[https://www.owasp.org/index.php/Main_Page](https://www.owasp.org/index.php/Main_Page)

