Damn Vulnerable Web App (DVWA)
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. Used to learn or teach the art of web application security.
New updated version is available with new features
- The vulnerability help page has been improved.
- We now display the logged on username along with the vulnerability level and php-ids status.
- Blind SQL injection has been implemented.
- We now have official documentation.
- You can now compare all vulnerable source code in one page with the ‘view all’ button.
- The whole theme has been redesigned, including a new great looking logo.
- Many bug fixes and small changes throughout the application.
Download -
DVWA is available either as a package that will run on your own web server or as a Live CD
DVWA v1.0.7 (latest) - (1.3MB) Download
DVWA v1.0.7 LiveCD - (480MB) Download
The documentation for DVWA can be downloaded by following this link.
DVWA is available either as a package that will run on your own web server or as a Live CD
For Installation of DVWA , We need to Install Web Server like XAMPP.
Procedure for installing XAMPP Web server is mentioned in my previous post
How to make your own Webserver- Host Webpages on your own computer
Procedure for installing XAMPP Web server is mentioned in my previous post
How to make your own Webserver- Host Webpages on your own computer
After Installation of XAMPP server.Copy DVWA Directory to xamp installation folder.
E.g. C:\xampp\htdocs or E:\ xampp\htdocs
& then start xampp services.
Then browse the dvwa site
by http:\\localhost\dvwa or http:\\127.0.0.1\dvwa
Default user id - admin
Password - password
& your DVWA application is ready for Testing
For More Information & vidoes on DVWA
http://www.dvwa.co.uk/
Tutorgig.info
www.perspectiverisk.com