Creating a vulnerable virtual machine

Now we are ready to create our first virtual machine, it will be the server that will host the web applications we'll use to practice and improve our penetration testing skills.

We will use a virtual machine called OWASP-bwa (OWASP Broken Web Apps) that is a collection of vulnerable web applications specially set up to perform security testing.

How to do it...

Go to http://sourceforge.net/projects/owaspbwa/files/ and download the latest release's .ova file. At the time of writing, it is OWASP_Broken_Web_Apps_VM_1.1.1.ova.
Wait for the download to finish and then open the file.
VirtualBox's import dialog will launch. ...

Get Kali Linux Web Penetration Testing Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Kali Linux Web Penetration Testing Cookbook by Gilberto Nájera-Gutiérrez

Creating a vulnerable virtual machine

How to do it...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly