I would start with something like DVWA: https://dvwa.co.uk/. Source: about 2 years ago
When you've got that, do some web-based challenges. The Damn Vulnerable Web Application is a great start as it has a little bit of everything. Start with Cross-Site Scripting, for example. Google it. Look at write-ups. Look at the solution for your current challenge, but it is important that you figure out why it works. As you go along with DVWA you will come across PHP and SQL. So google those and learn and... Source: about 2 years ago
Yes, the top 10 is a good place to start and pick a category from. For practice and demonstration you can use https://owasp.org/www-project-juice-shop/ or https://dvwa.co.uk/. Source: over 2 years ago
Https://dvwa.co.uk/ Several difficulty levels on each topic. Source: over 2 years ago
It's not a distro, but you might still find DVWA (Damn Vulnerable Web Application) interesting. It's a PHP/MySQL-based web app, with the same goal as the distro you mentioned. Source: over 2 years ago
There's a JavaScript challenge in DVWA where a page asking us to submit the word "success" to win. Source: over 2 years ago
Https://dvwa.co.uk and https://owasp.org/www-project-juice-shop/ are other good applications to build/test your knowledge. You can usually find a prebuilt VM with them somewhere. Source: over 2 years ago
This testing is performed on DVWA v1.0.7 (old version), you can get similar version which is installed on Metasploitable2. Source: over 2 years ago
Strongly recommend the following project as well: given Damn Vulnerable Web App (DVWA), do. Source: over 2 years ago
As for the hacking, I know you said you’re new but does anything catch your eye? Most hackers have one or two things they absolutely specialize in bc it clicks with them, they can do it all but are really good at their specialty. As for test servers, I’d highly recommend dvwa https://dvwa.co.uk/ for hosting your own test server, and TryHackMe for something hosted by someone else. Source: almost 3 years ago
a web app that has some/all of the OWASP Top 10 (look at something like https://dvwa.co.uk/). Source: almost 3 years ago
You should probably look into the damn vulnerable web app. Https://dvwa.co.uk/. Source: about 3 years ago
Hands-on security: Juice Shop and Damn Vulnerable Web App are good choices, along with Capture the Flag competitions. Source: about 3 years ago
Do you know an article comparing Damn Vulnerable Web Application to other products?
Suggest a link to a post with product alternatives.
This is an informative page about Damn Vulnerable Web Application. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
