Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.

Contribute

Everyone is welcome to contribute and help make DVWA as successful as it can be. With out the DVWA community DVWA would not be what it is today.

You can contribute by submitting your code to the DVWA forums. If the code is usefull it will be added to the DVWA SourceForge SVN repository ready for the next release. If you want to become a member of the DVWA development team, first submit your code changes to the forum and then send a request via PM to one of the developers.

SVN

If you would like to check out the unreleased development (unstable) version of DVWA you can download it from the SourceForge SVN repository: https://dvwa.svn.sourceforge.net/svnroot/dvwa using an SVN client.
xampp logo


linux/windows logo


opensource logo