Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a classroom environment. The aim of DVWA is to practice some of the most common web vulnerabilities, with various levels of difficulty, with a simple straightforward interface. Please note, there are both documented and undocumented vulnerabilities with this software. This is intentional. You are encouraged to try and discover as many issues as possible. Damn Vulnerable Web Application is damn vulnerable! Do not upload it to your hosting provider's public html folder or any Internet facing servers, as they will be compromised. It is recommended using a virtual machine (such as VirtualBox or VMware), which is set to NAT networking mode.

Features

  • While there are various versions of DVWA around, the only supported version is the latest source from the official GitHub repository
  • This file is available in multiple languages
  • The easiest way to install DVWA is to download and install XAMPP if you do not already have a web server setup
  • Depending on your Operating System, as well as version of PHP, you may wish to alter the default configuration
  • The aim of DVWA is to practice some of the most common web vulnerabilities
  • You are encouraged to try and discover as many issues as possible

Project Samples

DVWA Screenshot 1 DVWA Screenshot 2

Project Activity

See All Activity >

Categories

Security

License

GNU General Public License version 3.0 (GPLv3)

Follow DVWA

DVWA Web Site

Other Useful Business Software
B2i offers full-service IR websites, widgets and plugins Icon
B2i offers full-service IR websites, widgets and plugins

Built for IR professionals who work for, or support public companies

B2i Technologies provides the most robust and versatile tools to manage your Corporate website, Investor Relations website and email communications. Our Investor Relations Software solutions work through automation and implements into existing systems with ease in only a few steps. Our solutions not only help you stay compliant but save valuable time while reporting and delivering critical financial data and press release activities to investors. B2i's Investor Relations Solution provides highly reliable and customizable data for corporate websites including press releases, stock data, charting, and SEC filings within SOX compliance standards. Our investor relations software displays real-time data on your website without requiring additional work on your behalf. Once you have completed your filings and press releases they are automatically loaded onto your website and formatted for easy access.
Learn More
Rate This Project
Login To Rate This Project

User Ratings

5.0 out of 5 stars
★★★★★
★★★★
★★★
★★
1
0
0
0
0
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

User Reviews

Filter Reviews:
All
  • dappervoid Posted 2025-07-10
    Great for security professionals
Read more reviews >

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

PHP

Related Categories

PHP Security Software

Registered

2021-10-20
Report inappropriate content