Introduction to DVWA (Damn Vulnerable Web Application)

VAPT (Vulnerability Assessment and Penetration Testing) is a process in which we audit and exploit the available vulnerabilities of a network or website with respect to global standards.

Vulnerability Assessment : It's a process in which we only scan for the limitations or vulnerabilities of a website. It has nothing to do with exploiting the discovered vulnerabilities.

Penetration testing : A process that exploits the vulnerabilities listed in the assessment report to discover whether the website's critical data can be reached, and later shares the remedy with the developers of the website.

About OWASP : O : Open | W : Web | A : Application | S : Security | P : Project


Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its primary objective is to be an aid for web security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications, and help teachers and students to teach and learn web application security in a classroom setting.

Attacks in DVWA

1. Brute Force
2. Command Execution
3. CSRF
4. File Inclusion
5. SQL Injection
6. SQL Injection (Blind)
7. Shell Uploading
8. XSS (Reflected)
9. XSS (Stored)

DVWA Security Options for Attacks:

Low Level : Low Level security gives you the freedom to exploit all known vulnerabilities. There is no security in the framework at this level, so you can try all of the attacks if you are using it for the first time.

Medium Level : Medium security has entry-level validation and filtering, which can stop a script kiddie from taking advantage of the available vulnerabilities.

High Level : High Level is a kind of Zero Day environment, and if you can breach it, you are on the right track to become a VAPT expert.
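
The difference between the levels described above, as an added example (not DVWA's own code and not part of the original post): one lookup written with no validation, with entry-level filtering, and in a hardened form. It uses Python with an in-memory SQLite table instead of DVWA's PHP/MySQL; the table, rows, function names and the mapping of handlers to levels are assumptions made for illustration.

```python
import re
import sqlite3

def make_db():
    """In-memory table with constructed sample rows (not DVWA data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, first_name TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db

def rows(db, sql, params=()):
    return sorted(r[0] for r in db.execute(sql, params))

def lookup_low(db, user_id):
    # No validation: the input becomes part of the SQL text.
    return rows(db, f"SELECT first_name FROM users WHERE id = '{user_id}'")

def lookup_filtered(db, user_id):
    # Entry-level filtering: quotes are escaped, but the value is used in an
    # unquoted numeric context, so escaping does not constrain it.
    escaped = user_id.replace("'", "''")
    return rows(db, f"SELECT first_name FROM users WHERE id = {escaped}")

def lookup_hardened(db, user_id):
    # Allowlist validation plus a bound parameter: the input never
    # becomes part of the SQL text.
    if not re.fullmatch(r"[0-9]{1,9}", user_id):
        return []
    return rows(db, "SELECT first_name FROM users WHERE id = ?", (int(user_id),))

def compare(user_id):
    """Run one input through all three handlers, each on a fresh database."""
    out = {}
    for name, fn in (("low", lookup_low), ("filtered", lookup_filtered),
                     ("hardened", lookup_hardened)):
        try:
            out[name] = fn(make_db(), user_id)
        except sqlite3.Error:
            out[name] = "sql error"
    return out

if __name__ == "__main__":
    # Constructed inputs: a valid id, then two values that are not ids.
    for value in ("2", "2' OR '1'='1", "2 OR 1=1"):
        print(repr(value), compare(value))
```

Escaping quotes alone does not help when the value lands in an unquoted numeric context; the hardened handler returns a single row for a valid id and nothing for any input that is not a short run of digits.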

Installation: DVWA is a web application coded in PHP that uses a MySQL back-end database. DVWA needs a web server, PHP and MySQL installed in order to run. The easiest way to install DVWA is to download and install 'XAMPP'.

If you want to learn more see this link for reference :

An ethical hacker should know the penalties for unauthorized hacking into a system. Read more at: Legality and Ethics
