OWASP Damn Vulnerable Web Sockets (DVWS)
#Application Protection#Application Security
A managed Web Application and API Protection (WAAP) platform that combines WAF, API security, DDoS protection, and bot mitigation with 24/7 monitoring services.
OWASP Damn Vulnerable Web Sockets: A Focus on Web Socket Communication
OWASP Damn Vulnerable Web Sockets (DVWS) is a purposely vulnerable web application designed to utilize web sockets for communication between the client and server.
The Application Flow Resembles DVWA
You will discover more vulnerabilities than those that are listed within the application.
Requirements
On your attacker machine, open the hosts file and create an entry for dvws.local. This entry should point to the IP address that is hosting the DVWS application.
The application requires Apache, PHP, and MySQL
The application requires Apache, PHP, MySQL, PHP with MySQLi support, Ratchet, and ReactPHP-MySQL. To install 'Ratchet' and 'ReactPHP-MySQL', use Composer. In the includes/connect-db.php file, set the MySQL hostname, username, password, and specify an existing database name. After that, navigate to Setup to complete the configuration of DVWS. To run DVWS: On the host where this application is installed, execute the following command from the DVWS directory: php ws-socket.php --heartbeat-interval .
