PortSwigger, the company behind popular web application penetration testing tool, Burp Suite, have launched a free training course, called Web Security Academy. The course includes easy to consume lessons accompanied by hands-on labs in topic including: File Upload Vulnerbilities, OAuth Authentication, HTTP Host Header Attacks, SQL Injections, Cross Site Scripting (XSS), Cross Site Request Forgery, XXE Injections, and more.