Needs to do setup and This week you will watch Setting Up Damn Vulnerable Web Applications (DVWA) Environment
at
Post a Screen shot and Discuss the advantages and disadvantages of (DVWA)
Post 1 ManasaDVWA has numerous vulnerability as its name attest. It has been used in institutions and by professional in companies to either train or sharpen their skills in hacking. There are four levels of vulnerabilities: low, medium followed by high and finally impossible, which offers a good ground to sharpen once skills with the various levels or from the level one is.Experience:Since I had installed VMware which was using port 80 I had to configure the listening port for xampp apache to 8080 and call it from that port.AdvantagesIt is easy to install and run, in case you are stuck, there are a dozen YouTube video that can help to do that.It is considered the best place to do, practice, and sharpen hacking skills.Since the app runs on a local server, which is directly connected, to the user then it is legal.DisadvantagesSince it is freely available online black hat hackers to train and latter launch successful attacks can use it.
Post 2 SatyanarayanaDVWA is a web application developed in both PHP and MySQL. It is designed in a way that it is seriously vulnerable. Its main purpose was to serve the it security professionals (Kumar & Taterh, 2016).Some of its advantages include:It allows professionals to test their skills in a legal environmentIt acts as a tool (sandbox) to teach and train student in the field of security in a safe environment.One can change the vulnerability level and test the various techniques that would be utilized by hackers.It is open source and any student or professional does not require permission to install and use it.Its installation process is very simple.Despite the many advantages, this application has its limitations, which include:Accessible by cybercriminals who train the same as those who are to prevent them and in some cases, the bad people are better than those who are trained to prevent (Kumar & Taterh, 2016) t them.Curious student my find themselves after a few training, trying to attack real world website for instance to change their grades which is illegal.Another issue is its limited diversity. The application mainly focusses on web attacks and does not consider other attacks such as WPA among others.