No need to become a full front/back-end programming to learn web-app hacking. But a good start is jot down the basics of javascript to understand XSS/CSRF, get the basics of SQL for SQL-injection and PHP+linux commandline for shells.
So I'd say simple project that involves it all. Start a PHP project, with javascript on the frontend. That communicates with a database through SQL and php. So maybe like a simple guestbook/messageboard?
Edit:
Go to wargames sections for a lot of exercises to do: https://greysec.net/forumdisplay.php?fid=15
So I'd say simple project that involves it all. Start a PHP project, with javascript on the frontend. That communicates with a database through SQL and php. So maybe like a simple guestbook/messageboard?
Edit:
Go to wargames sections for a lot of exercises to do: https://greysec.net/forumdisplay.php?fid=15