Resources

ports wigger.net/web-security 

Free, online web security training from the creators of Burp Suite. Learn anywhere, anytime, with free interactive labs and progress-tracking.

OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security training, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications!

Hack.me is a FREE, community-based project powered by eLearnSecurity.The community can build, host and share vulnerable web application code for educational and research purposes.It aims to be the largest collection of "runnable" vulnerable web applications, code samples and CMS's online.