This repository provides a Visual Studio Code Dev Container setup for Damn Vulnerable Web Application (DVWA) using Docker. This environment allows penetration testers and security enthusiasts to explore and practice web application security in an isolated, controlled setup.
- Pre-configured Docker setup for DVWA
- Seamless integration with VS Code Dev Containers
- MySQL database setup for DVWA
- Persistent storage for database data
- Port forwarding for easy access via
http://localhost:8080
Before you start, ensure you have the following installed on your system:
- Clone this repository:
git clone <repository-url> cd <repository-folder>
- Open the folder in VS Code.
- Reopen the project inside the Dev Container:
- Click on "Reopen in Container" when prompted
- Or open the command palette (
Ctrl+Shift+P) and select:Remote-Containers: Reopen in Container
- Wait for the container to build and start.
- Access DVWA in your browser:
- Open
http://localhost:8080 - Use the default credentials:
- Username:
admin - Password:
password
- Username:
- Open
.devcontainer/devcontainer.json- Configures the VS Code Dev Container.docker-compose.yml- Defines the Docker services for DVWA and the dedicated VS Code dev container.README.md- This documentation.
DVWA is an excellent platform to practice web application security concepts, including:
- SQL Injection
- Cross-Site Scripting (XSS)
- Command Injection
- Security Misconfigurations
If you encounter issues:
- Make sure Docker is running
- Restart the Dev Container (
Ctrl+Shift+P→ Dev Containers: Rebuild and Reopen in Container) - Check container logs:
docker logs dvwa-dev
Happy Hacking! 🛡️