Kali Linux Virtual Machine
You can setup Kali Linux VM via Microsoft Azure Marketplace
Setup Damn Vulnerable Web Application (DVWA) in Kali Linux VM
This just for Education Purpose.
In this article, we will use
OWASP-ZAP is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications.
I'm self learner and I'm not certified in any Cyber Security Certification. Try at your own risk. Feel free to comment.