DVWA is much like the install of Metasploitable and by that I mean simple!
Download DVWA from the download link on their website
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is as the name suggests damn vulnerable.
It’s main goal is to aid security professionals and allow them to test their skills in a legal environment, once setup in our internal environment that is what we will achieve here so let’s get to it!
In VirtualBox click the ‘New’ button to create a new virtual machine and enter in the name type and version as seen in the image below and click on ‘Next’ to continue
Allocate 1GB of memory as that is enough, you can always increase this later anyway
Leave the creation of the hard drive with the defaults and click ‘Create’ to continue
Leave with the defaults once again and click ‘Next’ to continue as VDI is fine for what we are doing here
Defaults are fine again, click ‘Next’ to continue and leave the dynamically allocated disk selected
Leave the defaults again, 8GB’s is fine so click on ‘Create’ to continue
Once created open up the virtual machine settings and remove the floppy and move the CD/DVD and HDD up in the boot order
Next step is to add your ISO to the CD/DVD drive so that you can boot from it
Next change the NIC to internal so that you do not broadcast on your local network
Finally boot it up and press Enter to continue at the screen below
At the next screen choose the live boot option or just wait and it will boot for you with no interaction
Next you will see the following screen which means you have successfully booted up the live CD
In the next installment we will go through the installation and configuration of Kali Linux which is a penetration testing distribution created for security professionals and researchers. You will then have something to poke the vulnerable systems installed so far and see what you can do in a safe environment.