OWASP Damn Vulnerable Web Sockets (DVWS) Logo

OWASP Damn Vulnerable Web Sockets (DVWS)

0
Free
Visit Website

OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication. The flow of the application is similar to DVWA. You will find more vulnerabilities than the ones listed in the application. Requirements: In the hosts file of your attacker machine create an entry for dvws.local to point at the IP address hosting the DVWS application. The application requires Apache + PHP + MySQL, PHP with MySQLi support, Ratchet, and ReactPHP-MySQL. Install 'Ratchet' and 'ReactPHP-MySQL' using composer. Set the MySQL hostname, username, password, and an existing database name in the includes/connect-db.php file then go to Setup to finish setting up DVWS. Running DVWS: On the host running this application, run the following command from DVWS directory: php ws-socket.php --heartbeat-interval <sec>

FEATURES

ALTERNATIVES

A tool to profile web applications based on response time discrepancies.

Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.

A tool for automated HTTP header injection

Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security

A tool for secure content publishing and verification using offline signing and trusted collections.

A script that implements Cognito attacks such as Account Oracle or Priviledge Escalation

A fake Django admin login screen to detect and notify admins of attempted unauthorized access

A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.

PINNED