Nowadays when a lot of businesses are going online or at least have to be present on the Web, penetration testers mostly deal with web applications rather than with infrastructure pentests. Therefore, it is essential for a penetration tester to acquire web application hacking skills and improve them constantly.
Working with limited computing resources
If you experience a lack of computing power for creating other virtual servers, you can install all web applications on the same server. Alternatively, you can install some of them on the "attacker's machine" or the penetration testing machine that you are going to use for hacking.
We will use a LAMP (Linux, Apache, and MySQL*PHP) server based on Ubuntu Server 14.03.4 LTS to install web applications. But if you prefer to use Windows for some reason, you can use XAMPP—an Apache distribution containing MySQL, PHP, and Perl.