Information Security

Can you suggest relevant materials and resources on the topic of web application security?

Hello. I have been interested in this topic for a long time, I started reading from articles like "XSS for beginners", "SQL injection from scratch", etc., where I now find some shortcomings and incomplete disclosure of certain aspects. I also studied the basis that is necessary to start moving on (PHP, JavaScript, C, Java, also SQL, of course HTML and the company - I had practice on them, that is, I reached the initial level, then the basics and principles of networking, studied network and web protocols, web components, how work and interaction is generally carried out on the Web, etc.).
Now I have a question, what should I do next? After all, there is, as it were, knowledge, but for action in real, "combat" conditions (and not on specially made systems for testing), they are not enough, or those knowledge that I received were from relatively old sources, maybe most of them are simply outdated, etc. That’s what interests me, maybe someone can advise something that will help give impetus to further development, or just advise something (like it’s time to do all the practice, then everything will come with experience).
PS I hope that you will treat the issue with normal (I understand that many might not like something in the wording). Thank you.