Installation of DVWA in Windows 10 Using XAMPP
- August 14, 2023
- Posted by: Vijay
- Category: DVWA
DVWA, short for Damn Vulnerable Web Application, is a PHP/MySQL-based web application, specifically engineered to contain security flaws. For budding cybersecurity enthusiasts, DVWA provides a safe and legal platform to hone their hacking skills and test penetration tools.
- A computer running Windows 10.
- Administrative rights on the computer for installation purposes.
- Basic knowledge of web servers and databases.
Before we delve into the installation, let’s understand why we’re using XAMPP. XAMPP is a powerful software distribution that provides an easy way to host web applications locally. It’s user-friendly, free, and offers cross-platform functionality.
1. Installing XAMPP
XAMPP serves as the backbone in this setup, providing necessary services like Apache and MySQL.
- Download XAMPP: Head over to XAMPP’s official website and download the latest stable release for Windows.
- Run the Installer: Once downloaded, initiate the setup. Follow the installation prompts. Ensure that both Apache and MySQL modules are selected.
- Post Installation: After successful installation, open the XAMPP Control Panel. You should see a list of services. Start both Apache and MySQL.
2. Tweaking PHP for DVWA
For DVWA to function effectively, certain PHP parameters need adjustment.
- Head to
C:\xampp\php\and locate the
- Using any text editor, open
- Find the line
allow_url_includeand set its value to
allow_url_include = On
- Save the file and exit.
- Remember to restart Apache from the XAMPP Control Panel to implement these changes.
3. Deploying DVWA
- Get DVWA: Visit DVWA’s GitHub page: https://github.com/digininja/DVWA. Click on the green “Code” button and download the ZIP file.
- Place in XAMPP: Once downloaded, extract the ZIP file and place it in
C:\xampp\htdocs. For ease, rename the folder to simply
- Configuration Tweaks: Inside the
dvwafolder, navigate to
config. Rename the file
4. Initializing DVWA
- In your preferred web browser, visit http://localhost/dvwa.
- DVWA requires a database setup. Click on the
Create / Reset Databasebutton. This action initializes the required database components.
- Post setup, the login page emerges. Default credentials are:
- Username: admin
- Password: password
DVWA is intentionally vulnerable. Hence, do not host it on external servers or expose it to the internet. Keep it restricted to your local environment.
Now that you have DVWA installed:
- Discover: Explore each section of DVWA. Understand the vulnerabilities it showcases.
- Research: For each vulnerability, research about its nature, why it exists, and its real-world implications.
- Practice: Use the knowledge gained to exploit these vulnerabilities. Tools like Burp Suite and OWASP Zap can be instrumental.
Installing DVWA on Windows using XAMPP is a simple yet rewarding endeavor. It provides a sandboxed environment for cybersecurity enthusiasts to learn, experiment, and grow. Always remember the ethical boundaries and use your knowledge responsibly. Happy hacking!
Read More Blogs
INTERNET OF THINGS PENETRATION TESTING COURSE NOW AVAILABLE IN SAKET, NEW DELHI – 2023
10 BEST LAPTOPS FOR HACKING IN 2023
HOW TO START A CAREER IN CYBERSECURITY: YOUR PATH TO A THRIVING TECH FUTURE
JOIN THE DIGITAL CYBER FORENSICS INVESTIGATION COURSE IN SAKET, NEW DELHI
3 REASONS TO CONSIDER A CYBER SECURITY CAREER IN INDIA
Table of Contents
Table of Contents