Skip to content
@juice-shop

OWASP Juice Shop

Insecure web application for security trainings, awareness demos, CTFs and as a guinea pig for security tools

Juice Shop Banner

OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications!

OWASP Flagship CII Best Practices Contributor Covenant Twitter Follow Subreddit subscribers

OWASP Juice Shop and any contributions are Copyright © by Bjoern Kimminich & the OWASP Juice Shop contributors 2014-2024.

Pinned Loading

  1. juice-shop juice-shop Public

    OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

    TypeScript 10.4k 10.9k

  2. multi-juicer multi-juicer Public

    Host and manage multiple Juice Shop instances for security trainings and Capture The Flags

    Go 273 130

  3. pwning-juice-shop pwning-juice-shop Public

    Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"

    Handlebars 220 132

  4. juice-shop-ctf juice-shop-ctf Public

    Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF

    JavaScript 409 112

  5. juice-shop-tutorials juice-shop-tutorials Public

    Official OWASP Juice Shop tutorials on UI customization and system integration

    7 6

Repositories

Showing 10 of 12 repositories