OWASP - Broken Web Application (BWA) is a highly vulnerable web application developed and distributed by OWASP. The main objective is to aware web developers about common web vulnerabilities and to make internet more secure place. The another major use of OWASP BWA project is as a penetration testing lab widely used by hackers and security experts.
About OWASP Broken Web Application
BWA is one of the best penetration testing app I have ever used because it is consist of many other third parties pentesting apps such as DVWA, Mutillidae, Ghost, NOWASP etc. Around 30+ vulnerable applications to learn almost every part of web hacking and pentesting. There is lot benefits for using BWA especially if you are beginner. You can learn lots of new techniques and methods used for pentesting. For example:
- Web Application Penetration Testing
- Manual Vulnerability Assessment Techniques
- Source Code Analysis
- Web Application Security
- OWASP Top 10 Web Vulnerabilities
How to Install OWASP BWA
You will need VMware Player and OWASP BWA Project setup ― its a pre-made virtual machine file which doesn't require any configuration. After downloading, Install VMware player and extract BWA file and open OWASP Broken Web Apps.vmx file. This will start virtual machine setup, Just proceed as it says and that's all its installed.
Its time to access pentesting lab in your browser. Just look on screen and there you will find an IP address like 192.168.92.128 type it in your favorite browser and it will bring you OWASP BWA Project homepage from there you can select any vulnerable application and start practicing and honing your hacking skillsRelated Post : Create Pentesting Lab in Kali Linux