Web Security Academy: PortSwigger


Free, online web security training from the creators of Burp Suite

Learn how to discover and exploit vulnerabilities in NoSQL databases, with a focus on the popular MongoDB database. Burp Suite Certified

Boost your career

The Web Security Academy is a strong step toward a career in cybersecurity.

Flexible learning

Learn anywhere, anytime, with free interactive labs and progress-tracking.

Learn from experts

Produced by a world-class team - led by the author of The Web Application Hacker's Handbook.

Learn visual

Satisfy your curiosity - safely and legally

We make Burp Suite - the leading software for web security testing. And we love our users (because they're the people who make Burp what it is). That's why we created the Web Security Academy. It's also why the Academy is 100% free.

The Web Security Academy exists to help anyone who wants to learn about web security in a safe and legal manner. You can access everything (for free) and track your progress by creating an account. Please see the sidebar for more information.

Burp Suite

Hack like the pros do

Web security and ethical hacking are lucrative careers to get into, but they're often seen as dark and mysterious arts. The Web Security Academy smashes that stereotype. We make the latest application security knowledge available to everyone.

Some of our interactive labs will, by their nature, require you to use tools to solve them. But fear not. If you don't have access to Burp Suite Professional, then Burp Suite Community Edition allows you to experiment for free. Download Burp Suite here.

Web security training built for humans, not robots

Let's face it, some of the online web application training out there can be a bit dull. And isn't hacking supposed to be fun? We certainly think so. That's why we've taken a fully interactive approach when it comes to the design of our web security training.

While each topic in the Academy is fully explained in text, many also include video content to summarize key points. Then there are the interactive labs - realistic puzzles designed to test your skills as a hacker. These transfer directly over into real-life cybersecurity situations.

Cool swag

Track your progress, win cool swag

Although we designed the labs to be fun, that doesn't necessarily mean they're easy (because where would be the fun in that, right?). We also love a bit of competition here at the Web Security Academy - and that's how we came up with the idea for the Hall of Fame.

Every time we release a new lab, we'll announce it on Twitter. The first Web Security Academy users to solve the lab will win Burp Suite swag - as well as getting their name in the Hall of Fame for all to see. Of course, you can remain anonymous if you prefer.

Last updated