Professional Penetration Testing Lab - (OWASP BWA)

What is OWASP-BWA ?
                         OWASP-BWA (Broken Web App) is advance Penetration testing lab of OWASP (Open Web Application Security Project), they created it for Hackers, Security Professional and Expert - Simply all wanted to learn something more advance hacks & they can't practice it on Real World Web-app and Exploit it, it would be Crime. - By looking all this OWASP created a New Project with Advance Hi-tech Penetration testing lab using VM-Virtual Machine and Distributed for free, & it's really very awesome yet. Try it ;)

What does OWASP-BWA Contain ?
     OWASP-BWA is just awesome with all stuffs, Just give a try : It Contains :
  • Ghost Security
  • OWASP WebGoat.NET
  • Peruggia
  • Hackxor
  • BodgeIt
  • WackoPicko
  • DVWA
  • Mutillidae
  • Hack-academic Challenges
  • Web-Goat
  • Google Gruyere
  • OWASP Vicnum
  • [Exploits & Vul] : Wordpress, Joomla, Orange RHM, GetBoo, Yazd, Gallery2, Tiki-Wiki, Aw-stats. Pen-testing & Vul Exploitation Methods.
  • OWASP CSRF (Test) Guard Application
  • Mandiant Struts forms
  • Simple ASP.NET Forms
  • Simpl form with DOM (Cross Site Scripting).
  • OWASP - App sensor Demo Application.

How to Install OWASP - BWA ?
                Going to be rocking easy, Just we need to download files and Get started but files are about 950 MB, in complete VM-Ware Virtual Machine.

Requirements : 
How to Install OWASP - BWA Lab ? 
  • Download & Install VM-Ware Player, It's simply Easy.
  • Now Download OWASP - BWA Pentest lab Setup.
  • Now, Extract OWASP-BWA pen-test files and search for OWASP Broken Web Apps.vmx Double Click on it.

    Click to Enlarge screenshot
  • Now you'll see it will Open new window of VM-ware player and wait for 2-3 min until it ask you for login details.

    Click to Enlarge screenshot
  • Well, you can see they already gave us login ID and Password
    Username : root
    Password  : owaspbwa
  • Enter login details & Hit Enter now wait for 10 sec and it will ask for some commands like Linux Terminal.

    Click to Enlarge screenshot
  • That is a Successful message, Do not type anything Just minimize it, and Click on this Link : 
  • So, finally we did it - Enjoy the Professional Pentesting lab & Stay tuned with us for more tutorials on Pentest, Hacks and Security.

About Lasha Gogua

    Blogger Comment
    Facebook Comment


Post a Comment