As a pedantic note, Gruyere does not have holes. Emmentaler is probably the one people are thinking of.

appartently the french Gruyère has small holes. who knew...

https://de.wikipedia.org/wiki/Gruy%C3%A8re_(K%C3%A4se)

The cheese pun was completely lost on me

This is something I went through several years ago before the college lab I was a part of put together our own curriculum its a pretty good primer IMO

Malwarebytes endpoint protection blocked me from visiting on suspicion that the site contains a Trojan.

Is it similar to OWASP WebGoat?

https://owasp.org/www-project-webgoat/

Are there other courses laid out like this? This looks fascinating!

https://xss-game.appspot.com/ (this has a lot of overlap with gruyere)

https://github.com/cure53/XSSChallengeWiki/wiki

https://sites.google.com/site/infosecrocks/ (this links to some of the other stuff I mentioned)

https://www.hacking-lab.com

There's also these 2 advanced XSS challenges:

https://alf.nu/alert1

https://prompt.ml/0

I'm not sure if they're still functional, I think some of their solutions require functionality that browsers have since changed.

You might also want to check out the Youtube channel Live Overflow:

https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w

Another web and mobile application security training platform: https://github.com/OWASP/SecurityShepherd