Wednesday, July 27, 2022

OWASP Juice Shop Virtual Machine

OWASP Juice Shop is one of the go-to tools for learning the ins and outs of web application penetration testing. The project offers a number of different levels for testers of all skill sets. One issue with the project, though, is that the setup isn't exactly the easiest for everyone out there. The OWASP GitHub page provides great, detailed instructions, but sometimes folks just want to download an appliance that requires only a network connection and a power button. Enter JuiceShopped!

While probably unnecessary, I hope that it'll be useful to other folks out there looking to get into webapp and even general pentesting. This project provides a pre-configured OVA (VirtualBox appliance) running Devuan Daedalus and a current version of OWASP's Juice Shop. The appliance is set up so that all the user has to do is set the appliance's network adapter to Host-only Adapter and then power on the virtual machine!

Highlights of the machine:

  1. Devuan Daedalus
  2. Machine will pull a DHCP address
  3. Auto starts Juice Shop at boot time

The long-term plan for the project is to continuously update the virtual appliance so that folks can simply download the appliance and have a turnkey Juice Shop VM. As time goes along, I'm hoping to automate, or at least provide a method for, updating JuiceShopped so that a new VM won't have to be downloaded/imported each time there is a new release as well!

If you're interested, please download the OVA and share any feedback at the GitHub page here: JuiceShopped!
