Vulnerable Web Application Test Envrionment

Vulnerable Web Application Test Envrionment

From previous posts I have talked extensively on the magical powers that is Docker. This is a script I created to help setup a fresh Kali image with multiple vulnerable web apps for training or practice purposes.   #!/bin/bash # Install Docker curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add - echo 'deb https://download.docker.com/linux/debian stretch stable' > /etc/apt/sources.list.d/docker.list apt-get update apt-get remove docker docker-engine docker.io -y apt-get install docker-ce -y systemctl start docker systemctl enable docker # Install Dnsmasq apt-get install dnsmasq -y echo "# New Changes…

Read More

Juice Shop Walkthrough - 1 Star

Juice Shop Walkthrough - 1 Star

This post will contain screenshots for all of the 1 star challenges of the OWASP Juice Shop which was covered in a previous post.  Just as a reminder the Juice Shop web application relies upon HTML5 web storage to store a cookie with current progress.  If you attempt to access the Juice Shop from a different host machine or different browser you might not have your progress saved.  However, if you were to restart the host machine or restart the remote server hosting the application your stored cookie will refresh your progress.   The first real (albeit easier challenge) is really…

Read More