OWASP Juice Shop - Insecure shop simulation

OWASP Juice Shop is arguably the most advanced and sophisticated insecure web application and is offered as a training simulation for professional security researchers and hackers.

It can be used in security training, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop includes vulnerabilities from the entire OWASP Top Ten, as well as many more vulnerabilities found in real-world applications.


Juice Shop is written in Node.js, Express, and Angular. It was the first application written entirely in JavaScript to be included in the OWASP VWA Directory. The application contains a large number of hacking challenges of varying difficulty, in which the user is asked to exploit the underlying vulnerabilities. Progress is tracked on a scoreboard, and finding this scoreboard is itself one of the (easy) challenges. Besides hacker and awareness training, Juice Shop can serve as a "guinea pig" application for pentesting proxies and security scanners, to test how well these tools handle JavaScript-heavy application front-ends and REST APIs.

The OWASP Juice Shop runs on our Heroku Cloud Platform as a Software as a Service (SaaS) application.

Test your security skills now and check our OWASP Juice Shop for OWASP Top 10 vulnerabilities.

If you have any questions, please do not hesitate to contact our CRYPTRON Security Team.

References:
https://owasp.org/www-project-juice-shop
https://github.com/juice-shop/juice-shop
https://www.heroku.com