Damn Vulnerable Web Application (DVWA)
Easy built in support for containers by @hoang-himself .
Fixed a bug where the session cookie would not be set correctly if the web server was running on a non-standard port.
Was never used so removed it.
A new, Open HTTP Redirect vulnerability has been added.
Merging in the new Authorisation Bypass module
Pastebin are now adding a nosniff header so moved to Hastebin for the low level CSP lab.
Also fixed some broken links.
There hasn't been a release for a very long time, so this one brings the last 5 years together into a big release.