Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

tghosth / pwning-juice-shop Public

forked from juice-shop/pwning-juice-shop

Notifications You must be signed in to change notification settings
Fork 1
Star 2

Code
Pull requests
Actions
Projects
Security
Insights

Additional navigation options

Code
Pull requests
Actions
Projects
Security
Insights

Breadcrumbs

pwning-juice-shop

/

SUMMARY.md

Latest commit

History

54 lines (42 loc) · 1.86 KB

Breadcrumbs

pwning-juice-shop

/

SUMMARY.md

File metadata and controls

54 lines (42 loc) · 1.86 KB

Summary

Preface

Why OWASP Juice Shop exists
Architecture overview

Part I - Hacking preparations

Hacking preparations
Running OWASP Juice Shop
Vulnerability categories
Challenge tracking
Hacking exercise rules
Walking the "happy path"
Customization
Hosting a CTF event

Part II - Challenge hunting

Challenge hunting
Finding the Score Board
Injection
Broken Authentication
Forgotten Content
Roll your own Security
Sensitive Data Exposure
XML External Entities (XXE)
Improper Input Validation
Broken Access Control
Security Misconfiguration
Cross Site Scripting (XSS)
Insecure Deserialization
Vulnerable Components
Security through Obscurity
Race Condition

Part III - Getting involved

Getting involved
Provide feedback
Contribute to development
Codebase 101
Help with translation
Donations

Appendix

Appendix A - Challenge solutions
Appendix B - Trainer's guide

Postface

About this book

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.