  • Stars 218
  • Rank 181,805 (Top 4 %)
  • Language Handlebars
  • License Other
  • Created about 8 years ago
  • Updated 3 months ago


Repository Details

Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"

{% if book.ctf %}

Pwning OWASP Juice Shop (CTF Edition)

{% else %}

Pwning OWASP Juice Shop

{% endif %}

Written by Björn Kimminich

{% if book.ctf %}

Front Cover

{% else %}

Front Cover

{% endif %}

This is the official companion guide to the OWASP Juice Shop application. Being a web application with a vast number of intended security vulnerabilities, the OWASP Juice Shop is supposed to be the opposite of a best practice or template application for web developers: It is an awareness, training, demonstration and exercise tool for security risks in modern web applications. The OWASP Juice Shop is an open-source project hosted by the non-profit Open Web Application Security Project® (OWASP) and is developed and maintained by volunteers. The content of this book was written for {{book.juiceShopVersion}} of OWASP Juice Shop.

The book is divided into three parts:

Part I - Hacking preparations

Part one helps you to get the application running and to set up optional hacking tools.

Part II - Challenge hunting

Part two gives an overview of the vulnerabilities found in the OWASP Juice Shop, including hints on how to find and exploit them in the application.

Part III - Getting involved

{% if book.ctf %}

Part three points you to the social media channels and tells you about donation options of the OWASP Juice Shop open source project.

{% else %}

Part three shows various ways to contribute to the OWASP Juice Shop open source project.


Please be aware that this book is not supposed to be a comprehensive introduction to Web Application Security in general. For every category of vulnerabilities present in the OWASP Juice Shop you will find a brief explanation, typically by quoting and referencing existing content on the given topic.


Download a .pdf, .epub, or .mobi file from:

Read the book online at:

Contribute content, suggestions, and fixes on GitHub:

Official OWASP Juice Shop project homepage:

{% endif %}


CC BY-NC-ND 4.0

Open Worldwide Application Security Project and OWASP are registered trademarks of the OWASP Foundation, Inc. This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.