访问地址(Saas):https://dvwa.exp-9.com/
源代码:https://github.com/digininja/DVWA/
Damn Vulnerable Web Application (DVWA)(译注:可以直译为:"该死的"不安全Web应用程序),是一个编码差的、易受攻击的 PHP/MySQL Web应用程序。 它的主要目的是帮助信息安全专业人员在合法的环境中,练习技能和测试工具,帮助 Web 开发人员更好地了解如何加强 Web 应用程序的安全性,并帮助学生和教师在可控的教学环境中了解和学习 Web 安全技术。
DVWA的目的是通过简单明了的界面来练习一些最常见的 Web 漏洞,所练习的漏洞具有不同的难度级别。 请注意,此软件存在提示和无提示的漏洞。 这是特意为止。 我们鼓励您依靠自己的能力尝试并发现尽可能多的安全问题。
Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.
The aim of DVWA is to practice some of the most common web vulnerabilities, with various levels of difficulty, with a simple straightforward interface. Please note, there are both documented and undocumented vulnerabilities with this software. This is intentional. You are encouraged to try and discover as many issues as possible.