GitHub - juice-shop/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application - juice-shop/juice-shop
En bref
Ajouté le
17 mars 2026
Matière et domaine
computer-science-advanced · cybersecurity
Niveaux scolaires
9e année (3e)–12e année (Terminale)
Type de page
Article
Introduction
OWASP Juice Shop Overview
- Purpose: A modern, sophisticated insecure web application designed for security training, awareness demos, CTFs, and testing security tools.
- Scope: Contains vulnerabilities from the entire OWASP Top Ten and various real-world security flaws.
- Official Resources:
- Project Website: https://owasp-juice.shop
- Live Demo: http://demo.owasp-juice.shop (for testing/preview only).
- Companion Guide: Pwning OWASP Juice Shop (eBook available for free on LeanPub).
- Installation Methods:
- Source: Clone via Git, install dependencies via
npm, and runnpm start. - Packaged: Download ZIP/TGZ releases for Windows, MacOS, or Linux.
- Docker: Pull
bkimminich/juice-shopand run via standard Docker commands. - Vagrant: Use the provided Vagrantfile and Virtualbox configuration.
- Source: Clone via Git, install dependencies via
- Technical Requirements:
- Supports Node.js LTS versions (currently 22.x and 24.x).
- Some challenges require integration with external AI/LLM providers.
- Support & Community:
- Troubleshooting: Use the Gitter Chat for questions (avoid opening GitHub issues for support).
- Contributions: Welcomed via Pull Requests; see
CONTRIBUTING.mdfor guidelines. - References: Community members are encouraged to add blog posts, talks, or articles to
REFERENCES.md.
- Project Governance:
- Project Leaders: Björn Kimminich and Jannik Hollenbach.
- License: MIT License.
- Donations: Accepted via the OWASP Foundation (Stripe).
- Merchandise: Official swag (shirts, stickers, etc.) available via Spreadshirt and StickerYou.
Avis de la communauté
Pas encore d’avis publiés. Soyez le premier à partager votre expérience.