DVWA v1.0.5 released!



Damn Vulnerable Web App (DVWA) v1.0.5 has been officially released today at 18:30 GMT on the 03/09/2009 after 3 months of work.


What's new?
Complete re-code.
Complete re-design.
CSRF vulnerability.
Stored XSS vulnerability.
Full Path Disclosure vulnerability.
Login page.
Sessions.
Many bug fixes.
PHPIDS implementation.
+ much more

DOWNLOAD





DVWA v1.0.5 coming soon…



DVWA v1.0.5 will be released in the near future sporting many changes including more vulnerabilities and features.

Since version 1.0.4 we have had a bigger open source community, which has pushed DVWA to a whole new level; without them the project couldn’t be what it is today.

DVWA v1.0.5 change log:

Complete re-code.

Complete re-design.

CSRF vulnerability.

Stored XSS vulnerability.

Full Path Disclosure vulnerability.

Login page.

Sessions.

Many bug fixes.

PHPIDS implementation.

+ much more

We are looking for sponsors for version 1.0.5 and future versions. If you would like to reach thousands of security professionals and students, DVWA is for you. If you would like to sponsor our great project, please email sales[A]ethicalhack3r.co.uk.

Alternatively, if you have found DVWA useful, you can donate funds to the project here or contribute and become a member of the project here.

You can download and give DVWA v1.0.5 a try before its release by downloading the development version of DVWA from SourceForge.

DVWA v1.0.5 screenshots:

I’d like to thank the DVWA team for their contributions to the project: jamesr, Tedi and Craig Bryson, to name a few. I would also like to thank everyone who has blogged, tweeted, given feedback, made videos and podcasted about DVWA.





Pentest Labs: Web Application Edition (securityaegis)



Ever wanted to set up a complete web application penetration testing lab with all the best tools available? Here is an awesome video by www.securityaegis.com to show you how to do it.

Web App Lab Setup from Laz3r (of Securityaegis.com) on Vimeo.


For a full write-up on how to do this, or for more information, check out their original blog post:
http://www.securityaegis.com/?p=574





DVWA video presentation at SuperMondays



Here is the video from my presentation on DVWA at the SuperMondays event in Newcastle upon Tyne.



I think I must hold the record for the number of “ammm…”s in a 16-minute period! My first public talk, so much room for improvement.