How to create Penetration testing lab with DVWA

Hi friends, In this article I'm gonna teach you how to create a virtual penetration testing lab with DVWA (Damn Vulnerable WebApp) because its always good to practice in virtual vulnerable application. It helps lot learning about Web App vulnerability cause. Most of the ethical hackers, pentesters and security researchers start practicing on virtual vulnerable app and then after learning they move on to real world pentesting.

What is Virtual Vulnerable Penetration Testing App (Lab)

A virtual pentesting lab is vulnerable application that can be used to explore or learn any web vulnerability for eg. SQL Injection, XSS, CSRF, RCE, Authentication flaws etc. Pentesting is a practice of learning hacking skills against Web Applications. Mostly white hat hackers, pentesters and ethical hackers uses virtual pentesting lab to learn and find root or cause of vulnerability or flaw.

What is DVWA ? Is it useful to me?

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, It also helps web developers better understand the process of securing server and web app or can also be use to teach students ethical hacking and pentesting.

How to Install DVWA on Windows Platform ?

Installing DVWA on Windows is easy just follow the steps given below or watch video tutorial.

  1. Download DVWA (Damn Vulnerable WebApp)
  2. Download XAMPP server for Windows
  3. Install Xampp server on Windows
  4. Extract all files from DVWA to desktop
  5. Go to following directory C:\xampp\htdocs and delete everything in it
  6. Now Copy entire extracted DVWA folder to C:\xampp\htdocs
  7. Now Start XAMPP Control Panel - Start [Apache] and [MySQL]

Now Just Open your Browser & type 127.0.0.1 or http://localhost Hit Enter, You'll see DVWA Login page, Choose DVWA folder and You'll get started with Login page. It may asks for login credentials so here it is; Username : admin Password : password Finally you're done. Now practice, learn, create & research.

If still you're not able to install DVWA on your system follow the below Youtube video. Click here and watch on Youtube, Best viewed in full screen mode. Note : Below video tutorial show Installation of XAMPP + NOWASP Mutillidae Pentest lab. Just Replace DVWA files with NOWASP Mutillidae.


Thanks for reading my article, If you've any doubt please feel free to ask in comment.