The steps that need to be performed are as follows:
- With vm_1 running, open your Kali Linux host's web browser and go to http://192.168.56.10. You will see a list of all the applications that the server contains:
- Let's go to Damn Vulnerable Web Application.
- Use admin as a username and admin as a password. We can see a menu on the left; this menu contains links to all the vulnerabilities that we can practice in this application: Brute Force, Command Execution, SQL Injection, and so on. Also, the DVWA Security section is where we can configure the security (or complexity) levels of the vulnerable inputs:
- Log out and return ...