June 17, 2018 at 11:55 pm #19754
Recently I attended one of Dan Billing’s (a.k.a. The Test Doctor) interesting workshops on web application security testing, in which I got to explore potential security threats and vulnerabilities of a web application. As I found it useful, I am sharing it here for those who are interested in security testing and looking for an application to play with.
The application is called Juice-Shop, created for demonstrating various security vulnerabilities. It has different levels of challenges to crack. Please follow the setup guidelines from this repository link to start with.
If you have any questions, I am more than happy to help 🙂
June 20, 2018 at 10:34 am #19792 Tassawer Participant @tassaweramin
@darwin Thanks for sharing such an interactive and informative post.
June 20, 2018 at 10:46 pm #19804
@tassaweramin, glad to hear that it is interactive and informative for you.
Setting up the application ‘Juice-Shop’ is really easy.
> Create an account in Heroku
> Click ‘Deploy to Heroku’ button from readme file
> Follow the options until the app is launched
> Happy Hacking!
October 21, 2018 at 8:40 pm #20780
The people who made OWASP Juice Shop published a book to help others, which acts as a good reference, and a complete walk-through can be found here
May 29, 2020 at 7:13 am #24801 Mustakim Participant @mustakimshaikh
Security testing is a must in modern times. The more technology advances, the more threats there are to our privacy. In this world of digitization, the internet is an open book, and it’s required to keep ourselves and our app free from such vulnerabilities.
September 17, 2020 at 9:42 am #25253 Serena Participant @serenagray
Well, among the many available security tools, OWASP is really the best tool for security testing. OWASP ZED is an open-source tool that is widely preferred for performing security and penetration testing. The main objective of this OWASP tool is to identify the vulnerabilities before they are attacked. Here are the benefits with this tool:
• Open-source and free tool
• It is cross-platform, thus works on all Operating systems
• Helps in generating reports
• It is a simple and easy-to-use tool, etc.
September 17, 2020 at 11:30 am #25255