Juice Shop is a modern vulnerable web application maintained by the Open Web Application Security Project (OWASP). It is used as a security training and awareness tool. Juice Shop has a multitude of vulnerabilities including those found in the OWASP Top Ten.

We will use Docker on Kali Linux both to install Juice Shop and to exploit the vulnerabilities that have been built into the web application.

Let’s begin by installing Docker on our Kali Linux system.

Download the Juice Shop Docker image.

Finally, run the image as a container.

We set the “-p” option to 80:3000 to publish the container's port 3000 on host port 80, which makes Juice Shop available on port 80 when accessed via a web browser (e.g. http://localhost).

You can now access Juice Shop on localhost with your web browser.
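
The steps above as one shell script, as an added example rather than the post's own commands. It assumes the Debian `docker.io` package and the `bkimminich/juice-shop` image on Docker Hub; the container name `juice-shop-lab` and the helper functions are hypothetical. Unlike a plain `80:3000` mapping, it binds the published port to 127.0.0.1 so the deliberately vulnerable application is not reachable from other hosts, then checks the result.

```shell
#!/bin/sh
# Added example: Juice Shop lab setup on Kali. Run as: ./juice-lab.sh start
set -eu

IMAGE="bkimminich/juice-shop"   # Juice Shop image on Docker Hub
NAME="juice-shop-lab"           # hypothetical container name
BIND_ADDR="127.0.0.1"           # assumption: lab is used from this host only
HOST_PORT=80                    # port the browser connects to
APP_PORT=3000                   # port Juice Shop listens on in the container

# Build the value for "docker run -p". An empty address yields the plain
# HOST:CONTAINER form (80:3000), which Docker binds on all interfaces.
publish_spec() {
    addr="$1"; host="$2"; app="$3"
    for p in "$host" "$app"; do
        case "$p" in
            ''|*[!0-9]*) echo "port must be numeric: '$p'" >&2; return 1 ;;
        esac
    done
    if [ -n "$addr" ]; then
        printf '%s:%s:%s\n' "$addr" "$host" "$app"
    else
        printf '%s:%s\n' "$host" "$app"
    fi
}

# Read "docker port" output on stdin (e.g. "3000/tcp -> 127.0.0.1:80") and
# succeed only if every binding is on a loopback address.
loopback_only() {
    ! grep -Ev -- '-> (127\.[0-9.]+|\[::1\]):[0-9]+$' | grep -q .
}

start_lab() {
    sudo apt-get update
    sudo apt-get install -y docker.io          # step 1: install Docker
    sudo systemctl enable --now docker
    sudo docker pull "$IMAGE"                  # step 2: download the image
    sudo docker run -d --rm --name "$NAME" \
        -p "$(publish_spec "$BIND_ADDR" "$HOST_PORT" "$APP_PORT")" "$IMAGE"
    # step 3 check: warn if the vulnerable app is exposed beyond this host
    if sudo docker port "$NAME" | loopback_only; then
        echo "Juice Shop: http://localhost:$HOST_PORT (loopback only)"
    else
        echo "warning: Juice Shop is reachable from other hosts" >&2
    fi
}

if [ "${1:-}" = "start" ]; then start_lab; fi
```

Stop the lab with `sudo docker stop juice-shop-lab`; because of `--rm`, the container is removed when it stops.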

Jesse Shelley