DWVA is a popular framework that is used to test the application security, also known as Damn Vulnerable Web Application. It is based on testing the web application and it comes with built-in vulnerabilities for the user so the user can try and test the hacking techniques in a controlled environment.
In this guide, we’ll walk you through the step-by-step process of installing and configuring DVWA on a Windows system, ensuring you have everything you need to start your cybersecurity journey.
Table of Content
How to Setup DVWA In Windows?
For the setup of DVWA after we download and install XAMPP we will have to download and set up the DVWA so let's understand the steps for setting up DVWA in windows.
Following are the steps required to setup DVWA in Windows:
Step 1: Download XAMPP
The first step is to download the XAMPP control panel which will help us to create a local server where we can install the DVWA and access it within the system with the help of a browser.
For this simply go to a search engine and search for xampp download and the official Apache website will be opened.
Once the website opens go to the Download menu select the appropriate version and file according to your operating system and click on the download button then the download will be started.
Once the setup is downloaded move to the next steps.
Step 2: Installation of XAMPP
When the download of the XAMPP control panel finishes, double-click to start the installer. Accept the terms and avoid altering any service settings.
Wait for it to complete, then open the control panel and enable the top two services: Apache (for server creation) and MySQL (for DVWA installation).
Once these two services are started then it means the local server is up and running, now we can download and install the DVWA.
Step 3: Download DVWA
Once the services are started we will have to download the DVWA, for this go to the search engine again and search for DVWA and the first link to a GitHub repository will be shown open it:
Once the repository opens click on the Code button and then click on the download ZIP button to download the DVWA as a zip file for installation.
Step 4: Install DVWA
Now that we have the DVWA as a zip we can install it by pasting it in the XAMPP directory, copying the zip file, and going to the directory where you have installed XAMPP, usually by default it is installed in the C:/xampp/, and go to htdocs folder.
Here paste the zip file and then extract it, once it is extracted it will show similar files in the directory:
Once the files are pasted we can check whether DVWA is successfully running in XAMPP or not.
Step 5: Verify DVWA Installation
Once the DVWA is installed after extracting the files, we can check it by opening the following IP in any browser:
/localhost/Because we have installed DVWA in the root directory of htdocs we do not have to add any other folder in /localhost/ to open DVWA.
Once this webpage opens we can say that DVWA is successfully installed and set up in the windows, but if we want to confirm if it is working or not we can go to Command Injection and type the following command:
| whoamiAs you can see in the image below as well:
This should return the desktop name and the user name for the DVWA if it is working properly:
As you can see in the image above it is returning the desktop system name as well as the user name which means it is set up correctly.
Conclusion
It is important to understand how we can set up the DVWA in the Windows operating system because, unlike the Linux operating system, we do not have many options for creating a local server and that is why we can use the XAMPP control panel to create a local server and install the DVWA in the local system.
Ensure to approach your learning ethically and responsibly, using the knowledge gained to improve security practices and protect systems against real-world attacks.