Is it worth learning web development?

Hey hackers, just wanted some opinions on whether I should learn web development before diving into books like web application hackers handbook?

I have been following IPPSecs videos on the retired machines, but a lot of the time I don’t really understand what he is doing with burp to attack the web pages.

Is it worth doing a course like udemys web development boot camp and getting a solid understanding of how web pages are developed so that I can then understand why they are exploitable?

My goal is to be a pentester for a career. I have two years left in my current position so that means two years of study.

I was thinking maybe web development boot camp, then possibly x86 assembly and finish with violent python and coding my own exploits. Thoughts please.

I’ve only been learning about 6 weeks now.


From what I can tell, ippsec is mainly just editing the http requests to different sites. I don’t think you need to learn web development but it will sure help a ton! If you have two years I would definitely Atleast learn the basics. But definitely spend time with python. 2 years of focused learning is plenty so when you do make the career change you’ll be more than equipped.
Good luck !

Yes, you should have a deep understanding of web development to find well-hidden bugs.

Thanks for that guys. I’m paying for Z security web application hacking course on Udemy and also an advanced burp suite course so that I can see what I can learn from this before diving into web development. I’m going to learn Javascript and I have already started on python.

How much python do you recommend learning? Do I just learn the basics and then start using black hat python and violent python to learn how to cater it to pentesting?

I am a Web- and PHP developer. Yes, it helps but in my opinion you should focus on networks/subnetting. Understand the OSI Model and TCP/IP. Learn Bash and Python scripting. JavaScript can help you too. Understand HTTP requests. RestAPIs… so much to learn.