Skip to main content

How to create Pentesting lab using OWASP BWA

OWASP - Broken Web Application (BWA) is a highly vulnerable web application developed and distributed by OWASP. The main objective is to aware web developers about common web vulnerabilities and to make internet more secure place. The another major use of OWASP BWA project is as a penetration testing lab widely used by hackers and security experts.

Penetration Testing Lab using OWASP BWA

About OWASP Broken Web Application

BWA is one of the best penetration testing app I have ever used because it is consist of many other third parties pentesting apps such as DVWA, Mutillidae, Ghost, NOWASP etc. Around 30+ vulnerable applications to learn almost every part of web hacking and pentesting. There is lot benefits for using BWA especially if you are beginner. You can learn lots of new techniques and methods used for pentesting. For example:

  • Web Application Penetration Testing
  • Manual Vulnerability Assessment Techniques
  • Source Code Analysis
  • Web Application Security
  • OWASP Top 10 Web Vulnerabilities

How to Install OWASP BWA

You will need VMware Player and OWASP BWA Project setup ― its a pre-made virtual machine file which doesn't require any configuration. After downloading, Install VMware player and extract BWA file and open OWASP Broken Web Apps.vmx file. This will start virtual machine setup, Just proceed as it says and that's all its installed.

OWASP BWA Pentesting Lab Setup

Its time to access pentesting lab in your browser. Just look on screen and there you will find an IP address like type it in your favorite browser and it will bring you OWASP BWA Project homepage from there you can select any vulnerable application and start practicing and honing your hacking skills