This project demonstrates how to securely set up and configure Damn Vulnerable Web Application (DVWA) on Kali Linux. DVWA is a widely used platform for learning and practicing web security vulnerabilities in a controlled environment.
Deploy and configure DVWA locally to explore common web vulnerabilities (like SQLi, XSS, CSRF) and strengthen hands-on web application security skills.
- Kali Linux (2023+)
- Apache2
- PHP 8.2+
- MariaDB
- DVWA (https://github.com/digininja/DVWA)
- Git
Removed old DVWA, Apache, MariaDB, and PHP configurations to avoid conflicts.
📸 Screenshot:
Installed Apache2, PHP, MariaDB, and required modules for DVWA.
📸 Screenshot:
Ensured Apache and MariaDB were running properly using systemctl.
📸 Screenshot:
Logged into MariaDB and created the DVWA database, user, and granted privileges.
📸 Screenshot:
Edited /etc/php/8.2/apache2/php.ini to allow URL includes and enable display errors for DVWA functionality.
📸 Screenshot:
Navigated to http://localhost/DVWA/setup.php to run the database setup.
📸 Screenshot:
All screenshots are inside the /screenshots/ folder.
- DVWA Installed
- Apache and MariaDB Configured
- Database Setup Complete
- Ready for login and security testing (optional next step)
DVWA is intentionally insecure. Do NOT expose it to the public internet or production environments. Use only in local or isolated test environments.
Tariq Shinwari
Cybersecurity Student | George Mason University