First, we will see what OWASP Juice Shop is.
Juice Shop is an intentionally vulnerable most modern and sophisticated web application, specially designed for CTFs, Learning, training, and hands-on practice of penetration testing on modern Web applications.
OWASP Juice Shop is vulnerable to all OWASP top 10 vulnerabilities, including other Web Application vulnerabilities
OWASP Juice Shop is built on Node.js, Angular, and Express. It is entirely written in JavaScript.
This web application contains the vast number of challenges of various difficulties. We can easily check the progress of challenges on the scoreboard.
Here are the vulnerability category's distribution
OWASP Juice Shop is built on Node.js, Angular, and Express. It is entirely written in JavaScript.
This web application contains the vast number of challenges of various difficulties. We can easily check the progress of challenges on the scoreboard.
Here are the vulnerability category's distribution
Now we will see how to deploy OWASP Juice shop using Docker.
Step 1: Install Docker
Here are the official links to install Docker.
https://docs.docker.com/engine/install/
Step 2: Once the docker is installed and up and running, open the command line and run the below command to pull the OWASP Juice Shop from Docker Hub
Command: docker pull bkimminich/juice-shop
(Pull the OWASP Juice Shop image from the docker hub)
Step 1: Install Docker
Here are the official links to install Docker.
https://docs.docker.com/engine/install/
Step 2: Once the docker is installed and up and running, open the command line and run the below command to pull the OWASP Juice Shop from Docker Hub
Command: docker pull bkimminich/juice-shop
(Pull the OWASP Juice Shop image from the docker hub)
Step: 4: Run OWASP Juice Shop Container using the docker run command
Command: Docker run -p <HOST PORT>:3000 –name <Container Name> -d bkimminich/juice-shop
run: run the OWASP Juice Shop Container using the bkimminich/juice-shop docker image
-p: map container port to host OS port
–name: Provide the name of the Container
-d: to run the container in the background
Step 5: Once the container is up and running, open the browser to access the OWASP Juice shop.
URL: http://localhost:<HOST PORT>