🔬 There are many vulnerable testing web apps like:
The Damn Vulnerable Web Application (DVWA) is a web application built with PHP and MySQL intentionally designed to be susceptible to security vulnerabilities. Its primary purpose is to serve as a resource for security professionals to assess their skills and tools within a legal context. Additionally, it aids web developers in gaining a deeper understanding of the processes involved in securing web applications and facilitates learning about web application security for both students and teachers in a controlled classroom setting.
DVWA is designed to provide a platform for practicing various common web vulnerabilities at different difficulty levels, all presented through a simple and user-friendly interface. It's important to note that there are deliberate both documented and undocumented vulnerabilities within the software, encouraging users to explore and identify as many issues as possible.
{% embed url="https://github.com/digininja/DVWA" %}
{% content-ref url="https://app.gitbook.com/s/rRWtuMw6xkkeDjZfkcWC/dvwa" %} DVWA {% endcontent-ref %}
{% embed url="https://portswigger.net/web-security/all-labs" %}
{% hint style="danger" %}
- Never use tools and techniques on real IP addresses, hosts or networks without proper authorization! {% endhint %}