Hello, I watched @NahamSec twitch interview with @JHaddix and got inspired to do this challenge and training. All walkthroughs and guides which I think may help anyone could be found here.
- Download from VM https://sourceforge.net/projects/owaspbwa/files/1.2/
- Using VMWare > Open a Virtual Machine > Select .vmx file
- If prompted select 'I copied it'
- Configure network settings to 'host only' (its vulnerable webapps and shouldn't be exposed to public unless you like to invite hackers in!)
- Start!
- WebGoat v5.4 💡 there is a newer WebGoat version v8 here
(will be updated as I go through them)