Damn Vulnerable Web Application (DVWA) Logo

Damn Vulnerable Web Application (DVWA)

0
Free
Visit Website

Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment. This is intentional. You are encouraged to try and discover as many issues as possible. WARNING! Damn Vulnerable Web Application is damn vulnerable! Do not upload it to your hosting provider's public html folder or any Internet facing servers, as they will be compromised. It is recommended using a virtual machine (such as VirtualBox or VMware), which is set to NAT networking mode. Inside a guest machine, you can download and install XAMPP for the web server and database. Disclaimer We do not take responsibility for

FEATURES

ALTERNATIVES

An open-source web application security scanner framework that identifies vulnerabilities in web applications.

FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.

Orchestration toolchain for scanning source code and infrastructure IaC against security risks.

A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.

Identifies misconfigured CloudFront domains vulnerable to hijacking

An integrated application security platform that combines multiple security scanning tools with developer-focused workflows for automated code and infrastructure security testing.

A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.

WordPress plugin to reduce comment spam with a smarter honeypot.

PINNED