Juice Shop is a modern vulnerable web application maintained by the Open Web Application Security Project (OWASP). It is used as a security training and awareness tool. Juice Shop has a multitude of vulnerabilities including those found in the OWASP Top Ten.
We will be utilizing Docker and Kali to both install and to exploit the vulnerabilities which have been built in to the web application.
Let’s begin by installing Docker on our Kali Linux system.
Download the Docker Juice Shop image.
Finally, run Docker with the following options seen below.
We set the “-p” option to 80:3000 to make the Juice Shop image available on port 80 when accessed via a web browser (e.g. http://localhost).
You can now access Juice Shop on localhost with your web browser.