Tiwap is a web application penetration test learning tool that contains a lot of vulnerabilities. It also begins a web security test platform. This tool is based on Python and Flask to help some information security enthusiasts or testers learn and understand various types. Web security vulnerability. The inspiration of the tool is from DVWA, and developers have tried to re-generate a variety of web vulnerabilities.
This tool is for educational purposes only, we strongly recommend that users are installed and using Tiwap on virtual machines instead of installing them in an internal or external server.
Tool installation & configuration
In order to help the majority of users to install and use Tiwap easily, we have helped everyone complete the configuration of the project, we only need to install Docker on the local system.
After installing Docker, we can run the following command to download and install Tiwap:
Note: This tool installation is only supported on the Linux platform, and the compatibility with Windows platform is now resolved.
After the experimental environment starts, we can log in with the default credentials:
Username: admin Password: admin
Tool technology stack
Among them, each vulnerability provides three grades of vulnerability utilization difficulty, namely low LOW, intermediate Medium, and difficult Hard, we can make a corresponding configuration in the setup page according to your own needs.
The development and distribution of this project follow the MIT open source license agreement.