I hope you learned about the Sql injection and XSS from BTS. But you may curious to practice the SQLi and XSS attacks. we know that doing the attack on third-party website is crime. So how can we do the practice? Here is the solution for you friends. Why shouldn't set up your own web application ? Yes, you can setup your own Pen Testing lab for practicing the XSS and SQLi vulnerabilities.
When i surf in the internet, i come to know about the "Damn Vulnerable Web App (DVWA)". It is one of web application that used for practicing your Ethical hacking/Pen Testing skills in legal way.
Download this web Application from here:
For Installing the this application, you will need XAMPP server.
The installation procedure :
Using this application , you can also practice:
- LFI /RFI (File Inclusion methods)
- Command Execution
- Upload Script
- Login Brute Force