Blog
Installation of DVWA in Windows 10 Using XAMPP
- August 14, 2023
- Posted by: Vijay
- Category: DVWA
Introduction
Damn Vulnerable Web Application (DVWA in Windows) is a web-based PHP/MySQL application that is designed to contain security vulnerabilities. It provides an opportunity for cybersecurity enthusiasts to test penetration tools and hone their hacking skills legally and safely.
Prerequisites
- A computer running Windows 10.
- Administrative rights on the computer for installation purposes.
- Basic knowledge of web servers and databases.
Why DVWA in Windows?
Before we delve into the installation, let’s understand why we’re using XAMPP. XAMPP is a powerful software distribution that provides an easy way to host web applications locally. It’s user-friendly, free, and offers cross-platform functionality.
Installation Process
1. Installing XAMPP
XAMPP serves as the backbone of this setup, providing necessary services like Apache and MySQL.
- Download XAMPP: Head over to XAMPP’s official website and download the latest stable release for Windows.
- Run the Installer: Once downloaded, initiate the setup. Follow the installation prompts. Ensure that both Apache and MySQL modules are selected.
- Post Installation: After successful installation, open the XAMPP Control Panel. You should see a list of services. Start both Apache and MySQL.
2. Tweaking PHP for DVWA
For DVWA to function effectively, certain PHP parameters need adjustment.
- Head to
C:\xampp\php\
and locate thephp.ini
file. - Using any text editor, open
php.ini
. - Find the line
allow_url_include
and set its value toOn
:graphqlallow_url_include = On
- Save the file and exit.
- Remember to restart Apache from the XAMPP Control Panel to implement these changes.
3. Deploying DVWA
- Get DVWA: Visit DVWA’s GitHub page: https://github.com/digininja/DVWA. Click on the green “Code” button and download the ZIP file.
- Place in XAMPP: Once downloaded, extract the ZIP file and place it in
C:\xampp\htdocs
. For ease, rename the folder to simplydvwa
. - Configuration Tweaks: Inside the
dvwa
folder, navigate toconfig
. Rename the fileconfig.inc.php.dist
toconfig.inc.php
.
4. Initializing DVWA
- In your preferred web browser, visit http://localhost/dvwa.
- DVWA requires a database setup. Click on the
Create / Reset Database
button. This action initializes the required database components. - Post setup, the login page emerges. Default credentials are:
- Username: admin
- Password: password
Safety First
DVWA is intentionally vulnerable. Hence, do not host it on external servers or expose it to the internet. Keep it restricted to your local environment.
Learning Path
Now that you have DVWA installed:
- Discover: Explore each section of DVWA. Understand the vulnerabilities it showcases.
- Research: For each vulnerability, research about its nature, why it exists, and its real-world implications.
- Practice: Use the knowledge gained to exploit these vulnerabilities. Tools like Burp Suite and OWASP Zap can be instrumental.
Conclusion
Installing DVWA on Windows using XAMPP is a simple yet rewarding endeavor. It provides a sandboxed environment for cybersecurity enthusiasts to learn, experiment, and grow. Always remember the ethical boundaries and use your knowledge responsibly.
Related
Table of Contents
Leave a ReplyCancel reply
About Us
CrawSec, commonly known as Craw Security is a paramount cybersecurity training institution situated at Saket and Laxmi Nagar locations in New Delhi. It offers world-class job-oriented cybersecurity training programs to interested students.
Contact Us
1st Floor, Plot no. 4, Lane no. 2, Kehar Singh Estate Westend Marg, Behind Saket Metro Station Saidulajab New Delhi – 110030
Trending Cyber Security Courses
One Year Cyber Security Course | Basic Networking | Linux Essential | Python Programming | Ethical Hacking | Advanced Penetration Testing | Cyber Forensics Investigation | Web Application Security | Mobile Application Security | AWS Security | AWS Associate | Red Hat RHCE | Red Hat RHCSA | CCNA 200-301 | CCNP Security 350-701 | CompTIA N+ | CompTIA Security+ | CompTIA Pentest+
Are you located in any of these areas
NARELA | BURARI | TIMARPUR | ADARSH NAGAR | BADLI | RITHALA | BAWANA | MUNDKA | KIRARI | SULTANPUR MAJRA | NANGLOI JAT | MANGOL PURI | ROHINI | SHALIMAR BAGH | SHAKUR BASTI | TRI NAGAR | WAZIRPUR | MODEL TOWN | SADAR BAZAR | CHANDNI CHOWK | MATIA MAHAL | BALLIMARAN | KAROL BAGH | PATEL NAGAR | MOTI NAGAR| MADIPUR | RAJOURI GARDEN | HARI NAGAR | TILAK NAGAR | JANAKPURI | VIKASPURI | UTTAM NAGAR | DWARKA | MATIALA | NAJAFGARH | BIJWASAN | PALAM | DELHI CANTT | RAJINDER NAGAR | NEW DELHI | JANGPURA | KASTURBA NAGAR | MALVIYA NAGAR | R K PURAM | MEHRAULI | CHHATARPUR | DEOLI | AMBEDKAR NAGAR | SANGAM VIHAR | GREATER KAILASH | KALKAJI | TUGHLAKABAD | BADARPUR | OKHLA | TRILOKPURI | KONDLI | PATPARGANJ | LAXMI NAGAR | VISHWAS NAGAR | KRISHNA NAGAR | GANDHI NAGAR | SHAHDARA | SEEMA PURI | ROHTAS NAGAR | SEELAMPUR | GHONDA | BABARPUR | GOKALPUR | MUSTAFABAD | KARAWAL NAGAR | GURUGRAM | NOIDA | FARIDABAD
Craw Cyber Security (Saket and Laxmi Nagar) is just a few kilometer’s drive from these locations.
Can we help you?