Damn Vulnerable Web Application (DVWA)
For testing web security tools a target which has plenty vulnerabilities is needed. The Damn Vulnerable Web Application (DVWA) provides a PHP/MySQL web application that is damn vulnerable.
Install lighttpd, PHP, and MySql
For installing the additional packages first activate community packages:
Uncomment the following:
Update the packagelist:
Install the additional packages:
Edit the section:
Start lighttpd service and add to needed runlevel
Install extra packages:
Installing and configuring Piwik
Create the a folder named webapps
Download the source archive and unpack it
Unpack the archive and remove it
Change the folder permissions
Create a symlinks to the folder dvwa
Configuration and start MySql
Modify the database credentials within DVWA configuration file /config/config.inc.php
To complete the setup, browse to the DVWA directory on the webserver.
Follow the link to setup the database.