# DVWA

### Exercises

* [DVWA Exercises 1](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-1) (Bruteforce Attack)
* [DVWA Exercises 2](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-2) (Command Injection, Reverseshell)
* [DVWA Exercises 3](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-3) (CSRF, Fileinclusion)
* [DVWA Exercises 4](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-4) (Remote Fileinclusion, Fileupload vulnerability)
* [DVWA Exercises 5](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-5) (SQL Injection basic and union,DB enumerationm,PW hash cracking)
* [DVWA Exercises 6](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-6) (Blind SQL Injection, SQLmap)
* [DVWA Exercises 7](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-7) (Weak session id)
* [DVWA Exercises 8](https://cas-cyber.gitbook.io/cas-cybersecurity/web-application-security/dvwa/dvwa-exercises-8) (DOM based XSS, Reflected XSS, Stored XSS)