One of the best ways to build skills is to practice hands-on. There are a number of different environments you can find online, including the OWASP Juice Shop.
The OWASP Juice Shop is a modern application that contains vulnerabilities from the OWASP Top 10 Web Risks. It’s not only a great way to understand some of the most common web app risks, but it’s also running as a “modern application architecture” with Angular, Node.Js (Express), and SQLite.
Setting it up in Kali literally takes 3 minutes with Docker, and it’s easy to spin up/down without having to worry about installing a bunch of software and dealing with configuration or compatibility issues. A lot of other tutorials require that you install and configure each technology independently and then pull in the source code, and if you run that in the cloud, it might cost you $. This way is free.