The easiest way to run the Web Application Vulnerability Scanner Evaluation Project (WAVSEP) is using the docker image created by owaspvwad.

Prerequisite tasks: Install and run Docker.

Once you have Docker up and running, run the following command in the terminal to pull a WAVSEP image from the registry owaspvwad/wavsep:

docker pull owaspvwad/wavsep

To ensure that the image was pulled correctly on your server, run the following command:

docker images

What this command does is list all the Docker images that are currently on your server. When you run the “images” command you should see an output similar to the following:

REPOSITORY            TAG                 IMAGE ID            CREATED             SIZE
owaspvwad/wavsep      latest              644add649909        20 months ago       1.15GB

Now, the last step is to run the Docker WAVSEP container. This can be done using the “run” command:

docker run -p 127.0.0.1:8090:8080 owaspvwad/wavsep

In the command we specify the host to be “localhost” and the port number to be “8090”. Now, you should be able to access WAVSEP on your browser: http://localhost:8090/wavsep.


This concludes our tutorial.