OWASP or Open Web Application Security Project is an open source community which shares best practices, tools, guidelines and applications in the IT field of information security. Every year conferences are held in several places where members and all interested parties come together.
The OWASP Top 10 is published every 5 years and lists the top 10 known and most problematic vulnerabilities.
OWASP WebGoat is an application where you can learn about these vulnerabilities. The application has built in vulnerabilities in a way that you can test the vulnerabilities, learn about them and see how to mitigate these.
OWASP ZAP is an intercepting proxy which you can use in the assignments for WebGoat.
I am now a member of the WebGoat core team and will share some blogs about WebGoat on this page.