Security for Web Developers: 11: DVWA

Using Local Test Web Apps

You should be testing  your site. If you don’t – or even if you do – other people will. So get familiar with some of the tools of the trade. Use a local website development tool like XAMPP so you can host vulnerable websites on your security testing computer.

Using DVWA

Damn Vulnerable Web App is exactly that: a testing website that’s prebuilt for you, ready to unzip into a folder in your web root. DO NOT run your local web service (like XAMPP) with this web app installed while you are accessible from the Internet. It’s called Damn Vulnerable for a reason. Suggestion: set it up in a virtual machine.

Assignment: Download DVWA and set it up on your pen testing computer.
https://sourceforge.net/projects/dvwa/

Next: https://schoolforhackers.com/security-web-developers-mutillidae/

One Reply to “Security for Web Developers: 11: DVWA”

Comments are closed.