Learn Web hacking using DVWA

With lots of curious readers asking me how to practice hacking and from where to start,Damn Vulnerable Web App Untitled-1(DVWA) is great application to plunge yourself in.DVWA is a PHP/MySQL web application that is damn  vulnerable..literally. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit and it successfully achieves those :P . And frankly it can be used to learn or teach the art of web application security.
The DVWA is bundled with the following  type of vulnerabilities-
  • SQL Injection
  • XSS (Cross Site Scripting)
  • LFI (Local File Inclusion)
  • RFI (Remote File Inclusion)
  • Command Execution
  • Upload Script
  • Login Brute Force
(Shamelessly ripped off from official statement :P )
It should come as no shock..but this application is damn vulnerable! Do not upload it to your hosting provider’s public html folder or any working web server as it will be hacked. It’s recommend that you download and install XAMP onto a local machine inside your LAN which is used solely for testing.
You can download DVWA 1.0.4 here:
Download DVWA

Keep learning..



  1. HEy dude ..im sry for copying your content...but i have linked back !

  2. hey help me i have downloaded but i am unable to use (i am new to this hacking & pc world as i am science student)
    interested in learning it. When i downloaded i got .php files.. plz help

  3. Hi, All!
    I'm excited to join team hacker. happy to be acquainted with you.


Need to say something ? Spell it out :)