Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.
The aim of DVWA is to practice some of the most common web vulnerabilities, with various levels of difficulty, with a simple straightforward interface. Please note, there are both documented and undocumented vulnerabilities with this software. This is intentional. You are encouraged to try and discover as many issues as possible.
- create a
.envfile reference from.env.sampleand add valuesDB_NAME=vaccine DB_USERNAME=admin DB_PASSWORD=password - run web server
make
- Access web on port 8000
http://localhost:8000 - Access adminer on port 8080
http://localhost:8080
+ for 42's Machine, You need run `make fclean` every time
+ before restart to ensure data volume is created by docker userBase root path to select database type testing
- /pgsql :
Postgresqldatabase testing - /mysql :
MySQLdatabase Testing - /sqlite :
SQLitedatabase Testing
Sub path for select method testing
- /<db_type>/ : method
GETtesting - /<db_type>/login : method
POSTtesting
