Mutillidae

Mutillidae is an open source insecure web application that is designed for penetration testers to practice web app-specific vulnerability exploitation.

XAMPP is another free and open source cross-platform web server solution stack package, developed by Apache Friends. XAMPP can be downloaded from this URL:
https://www.apachefriends.org/download.html

We will now be installing XAMPP to our newly installed Microsoft Windows 2008 R2 server to host it. Once XAMPP is downloaded, let's go ahead and install the executable by following the wizard. Once the installation is complete, launch XAMPP and you should be able to see the following screen:

Mutillidae can be downloaded from https://sourceforge.net/projects/mutillidae/files/latest/download.

Unzip the file and copy the folder to c:\yourxampplocation\htdocs\<mutillidae>.

We should be able to see the web application installed successfully, as shown in the following screenshot, and it can be accessed by visiting http://localhost/mutillidae/: