Hacking the Juice Shop: Enumeration

Welcome to the second article of my Juice Shop series, where I will be documenting a miniature penetration test against OWASP’s Vulnerable Web Application, Juice Shop. As a reminder, there are a few stages to the penetration testing process: Pre-engagement Interactions Reconnaissance / Information Gathering Scanning (or Enumeration) Vulnerability Assessment Exploitation Reporting These phases aren’t always linear. It’s best to think of it as…

Hacking the Juice Shop: Information Gathering

The Juice Shop is an intentionally vulnerable web application developed by the Open Web Application Security Project (OWASP). It has a series of challenges that allow hackers to learn how to exploit many of the vulnerabilities that fall under the OWASP Top 10. I’m going to be posting a series of articles that effectively documents a miniature penetration test, which, generally speaking, consists of…