Getting Started with Webgoat
This post is how to set up and start exploring webgoat, an intentionally vulnerable web application.
Getting started with webgoat is rather easy. I am using Docker to run this application. The command is
1
docker run -p 0.0.0.0:8080:8080 -p 0.0.0.0:9090:9090 -e TZ=America/New_York webgoat/webgoat
Once the image is pulled and the container is up and running you can visit http://<IP-OF-HOST>:8080/WebGoat, you’ll be greeted by a sign on page. 
Click to register a new user or register yourself as a new user.
You can start going through the lessons.
This post is licensed under CC BY 4.0 by the author.