DVWA
#1
What is DVWA?
DVWA stands for Damn Vulnerable Web Application. When setup, DVWA allows you to easily test your skills as an attacker. DVWA is suited for beginner hackers and advanced hackers. In the settings you can change the security level (If you're a starter then you want it on low security and if you're an advanced hacker then you want it on medium or maybe high).

Download Files
You can download the latest version from their official website:
http://www.dvwa.co.uk/

How to locally host DVWA
You're going to want to download XAMPP. XAMPP will allow you to run an Apache server from your computer. When you're installing you will want to ensure that MYSQL, PHP and phpMyAdmin are also being installed.

Once you have XAMPP (Apache, PHP and phpMyAdmin) then you will simply have to drag and drop the DVWA files into your XAMPP directory and visit localhost in your web browser.

IMPORTANT: The default username is "admin" and the default password is "password"
Reply
#2
This is a pretty interesting app, but I personally use securityoverride.org or hack.me
Reply
#3
(07-01-2015, 08:02 PM)Cryptography Wrote: This is a pretty interesting app, but I personally use securityoverride.org or hack.me

Yes. To my understanding, there is a bunch of applications with this purpose. But I've only ever known about DVWA so that's the only one I've ever played with.
Reply
#4
(07-01-2015, 08:18 PM)Skypronium Wrote: Yes. To my understanding, there is a bunch of applications with this purpose. But I've only ever known about DVWA so that's the only one I've ever played with.

I might host this on my site (http://www.pulses.xyz/) and let users request to join and they can all use it.
( If I ever get it secure enough Tongue )
Reply
#5
(07-01-2015, 09:27 PM)Cryptography Wrote:
(07-01-2015, 08:18 PM)Skypronium Wrote: Yes. To my understanding, there is a bunch of applications with this purpose. But I've only ever known about DVWA so that's the only one I've ever played with.

I might host this on my site (http://www.pulses.xyz/) and let users request to join and they can all use it.
( If I ever get it secure enough Tongue )

Sounds like a kind thought but I would urge you to rethink. Hosting an application like DVWA on a webserver and giving people access to it is just so risky.
Reply
#6
(07-02-2015, 05:53 PM)Skypronium Wrote: Sounds like a kind thought but I would urge you to rethink. Hosting an application like DVWA on a webserver and giving people access to it is just so risky.

I know, I am trying to sort of "recreate it" To make it available for users, yet be secure at the same time.
Reply