Security has been a hot topic for the last couple of years. Most of the hacking and data breaches you hear about in the news are the result of poor security protection. A security breach usually involves a hacker finding a known security vulnerability that your system has yet to patch. Although zero-day vulnerabilities are increasingly being used to exploit up-to-date software, the majority of attacks still target outdated software systems.
Recently I found an interesting site where you can learn about all kinds of security vulnerabilities interactively. Check out https://www.hacksplaining.com/, a site that illustrates security vulnerabilities ranging from browser XSS all the way to back-end SQL injection. You can sign up for a free account and learn what each security vulnerability is about and how to prevent it in your application.
Here is an example of how SQL injection can be used to hack a bank account and retrieve all the savings from the account.
After a successful SQL injection, the hacker is able to see the Checking account and Savings account balances and much more. From here they would be able to, for example, transfer funds to another account.
The interactive guide is pretty useful, especially if you are new to learning what each type of security vulnerability is. For some people, reading about a vulnerability is enough to understand it, but I have found that the best way to learn a new concept is to actually see it in action. This interactive guide does exactly that. Each interactive tutorial also has a quiz at the end of each section to test how well you understand how a given security vulnerability works. Check it out if you want to truly understand what a vulnerability means to you and the software you use on a daily basis.
Author: Jonathan Hu, co-founder of Next of Windows and a cool geek 🙂
Last updated: 04/11/2017