OWASP Juice Shop Vulnerable Webapp

A couple of weeks ago Björn Kimminich released the Juice Shop Vulnerable Web Application at the OWASP AppSec Europe conference in Belfast. Why another vulnerable webapp for target practice? This from Github: Main Selling Points: Easy-to-install: Choose between node.js, Docker and Vagrant to run on Windows/Mac/Linux Self-contained: Additional dependencies are pre-packaged or will be resolved and downloaded automatically Self-healing: The simple SQLite database is wiped and regenerated from scratch on every server startup Gamification: The application notifies you on solved challenges and keeps track of successfully exploited vulnerabilities on a Score Board CTF-support: Challenge notifications optionally show a flag code for your Read More