This is a list of a few resources a friendly hacker at MSU shared with me during my junior year. They're catered toward experienced web developers looking to learn a little bit more about web security (ala me). I thought a friend on Twitter could use them, so I'm sharing them for anyone else who may be in that position :)
Begin quote from friend's DMs
This is what helped me get me feet wet with web security problems: http://overthewire.org/wargames/natas/
Really, really good wiki on just about every web security problem. If you want ideas of more things to look at, check this out: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
Truthfully, I haven't read this book. I've heard its good, but its also long :/ https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470
This is just a fun site that has XSS brainteasers.
Its down right now but should be back up:
http://escape.alf.nu/
For my own records, this was from 10/8/16