Damn Vulnerable Web Services
#Application Protection#Application Security
A tool for detecting capabilities in executable files, providing insights into a program's behavior and potential malicious activities.
Damn Vulnerable Web Services Overview
Damn Vulnerable Web Services is an intentionally insecure web application that contains multiple vulnerable web service components. It is designed to help users learn about real-world web service vulnerabilities.
The Objective of This Project
The objective of this project is to assist security professionals in understanding Web Application Security by providing a hands-on lab environment.
This application includes the following vulnerabilities
This application has the following vulnerabilities:
- WSDL Enumeration
- XML External Entity Injection
- XML Bomb Denial-of-Service
- XPATH Injection
- WSDL Scanning
- Cross Site-Tracing
- OS Command Injection
- Server Side Request Forgery
- REST API SQL Injection
- Same Origin Method Execution
- JSON Web Token (JWT) Secret Key Brute Force
- Cross-Origin Resource Sharing
Instructions: DVWS can be utilized with an XAMPP setup. XAMPP is a free and open-source web server solution that operates across different platforms. It primarily consists of an Apache Web Server and a MySQL database. To set it up, first download and install the XAMPP software. Then, download the dvws folder and place it in your htdocs directory. Finally, set up or reset the database by navigating to http://localhost/dvws/instructions.php
