Did you write a blog post, magazine article or do a podcast about or mentioning OWASP Juice Shop? Add it to this file and open a PR! The same goes for conference or meetup talks, workshops or trainings you did where this project was mentioned or used!
Spoiler Warning! 💡 indicates resources that contain hints for solving challenges of the OWASP Juice Shop. These are supposed to be helpful whenever you get stuck.
indicates resources that spoiler entire challenge solutions so you might not want to view them before tackling these challenges yourself!
- Heroku Button of the Month in November 2017 (📷)
- Webcast recording on Signal Sciences: Secure Development Lessons from Purposely Insecure Applications
- 7 Minute Security Podcast:
- Episode #282: 7MS #282: A Peek into the 7MS Mail Bag (Zencast)
- Episode #234:
7MS #234: Pentesting OWASP Juice Shop - Part 5
- Episode #233:
7MS #233: Pentesting OWASP Juice Shop - Part 4
- Episode #232:
7MS #232: Pentesting OWASP Juice Shop - Part 3
- Episode #231:
7MS #231: Pentesting OWASP Juice Shop - Part 2
- Episode #230:
7MS #230: Pentesting OWASP Juice Shop - Part 1
- Episode #229: 7MS #229: Intro to Docker for Pentesters (Youtube)
- Video tutorial about automating web application security scans with OWASP ZAP using Juice Shop as the tested app: All you need is Zaproxy - Security Testing for WebApps Made Easy
- Blog Post on Stuart Winter-Tear's Blog: OWASP Juice Shop Vulnerable Webapp (Peerlyst cross-post)
- Blog posts on OWASP Summit 2017:
- Interview on OWASP 24/7 Podcast: Less than 10 Minutes Series: The Juice Shop Project
- Vulnerable website collection on Bonkers About Tech: 40+ Intentionally Vulnerable Websites To (Legally) Practice Your Hacking Skills
- Hacking-session writeup on Testhexen: Learning Application Security – Fun with the Juice Shop
- Blog post (:myanmar:) on LOL Security:
Juice Shop Walkthrough
- Blog post on IncognitJoe:
Hacking(and automating!) the OWASP Juice Shop
- Automated solving script for the OWASP Juice Shop
written in Python as mentioned in above blog post
- Automated solving script for the OWASP Juice Shop
written in Python as mentioned in above blog post
- Guest post (:de:) on Informatik Aktuell: Juice Shop - Der kleine Saftladen für Sicherheitstrainings
- Guest post on The official Sauce Labs Blog: Proving that an application is as broken as intended
- Teaser post on Björn Kimminich's Blog: Juice Shop
- Descargar aqui el taller OWASP Top 10 Hands On basado en OWASP Top 10 y Juice Shop (:es:) by Mateo Martinez, Gerardo Canedo and Maxiimiliano Alonzo, OWASP Uruguay Chapter
- Security in Web Applications by Timo Pagel, Fachhochschule Kiel
- Web Application Security Training by Björn Kimminich
- OWASP Juice Shop - The Ultimate Vulnerable WebApp by Björn Kimminich, Secure360 Twin Cities, 16.05.2018
- Hacking Workshop - Twin Cities vs. OWASP Juice Shop with Björn Kimminich, Secure360 Twin Cities, 17.05.2018
- OWASP Juice Shop 5.x and beyond by Björn Kimminich, German OWASP Day 2017, 14.11.2017
- OWASP Juice Shop Introduction talk and AppSec Bucharest vs. OWASP Juice Shop hacking workshop by Björn Kimminich, OWASP Bucharest AppSec Conference 2017, 13.10.2017
- 2 Hour Hacking: Juice Shop by Timo Pagel, OWASP Los Angeles, 10.10.2017
- Hacking the OWASP Juice Shop with Björn Kimminich, OWASP North Sweden Chapter, 19.09.2017
- OWASP Juice Shop Workshop with Björn Kimminich, OWASP Stockholm Chapter, 18.09.2017
- Hacking session at Angular Talk & Code with Björn Kimminich, Angular Meetup Hamburg, 13.09.2017
- Capture The Flag - Security Game by Benjamin Brunzel, Jöran Tesse, Rüdiger Heins & Sven Strittmatter, solutions.hamburg, 08.09.2017
- OWASP Juice Shop - Einmal quer durch den Security-Saftladen by Björn Kimminich, solutions.hamburg, 08.09.2017
- Black Box Threat Modeling by Avi Douglen, BSides Tel Aviv 2017, Underground Track, 28.06.2017
- OWASP update by Katy Anton, OWASP Bristol (UK) Chapter, 22.06.2017
- Juice Shop and related working sessions, OWASP Summit 2017, 12.-16.06.2017
- Update on OWASP Projects & Conferences by Sam Stepanyan, OWASP London Chapter Meeting, 18.05.2017
- OWASP Juice Shop: Achieving sustainability for open source projects, AppSec Europe 2017 by Björn Kimminich, 11.05.2017 (Youtube)
- OWASP Juice Shop: Stammtisch-Lightning-Update by Björn Kimminich, 27. OWASP Stammtisch Hamburg, 25.04.2017
- Juice Shop Hacking Session by Jens Hausherr, Software-Test User Group Hamburg, 21.03.2017
- Hands on = Juice Shop Hacking Session by Björn Kimminich, Software Tester Group Hamburg (English-speaking), 16.03.2017
- Kurzvortrag: Hack the Juice Shop by Timo Pagel, PHP-Usergroup Hamburg, 14.02.2017
- Lightning Talk: What's new in OWASP Juice Shop by Björn Kimminich, German OWASP Day 2016, 29.11.2016
- Gothenburg pwns the OWASP Juice Shop by Björn Kimminich, OWASP Gothenburg Day 2016, 24.11.2016
- Hacking the OWASP Juice Shop by Björn Kimminich, OWASP NL Chapter Meeting, 22.09.2016 (Youtube, :godmode: in last 10min)
- Hacking-Session für Developer (und Pentester) by Timo Pagel, Kieler Open Source und Linux Tage, 16.09.2016
- Security-Auditing aus der Cloud – Softwareentwicklung kontinuierlich auf dem Prüfstand by Robert Seedorff & Benjamin Pfänder, SeaCon 2016, 12.05.2016
- Hacking the Juice Shop ("So ein Saftladen!") by Björn Kimminich, JavaLand 2016, 08.03.2016
- Hacking the JuiceShop! ("Hackt den Saftladen!") by Björn Kimminich, node.HH Meetup: Security!, 03.02.2016
- OWASP Top 5 Web-Risiken by Timo Pagel, node.HH Meetup: Security!, 03.02.2016
- Lightning Talk: Hacking the Juice Shop ("So ein Saftladen!") by Björn Kimminich, German OWASP Day 2015, 01.12.2015
- Juice Shop - Hacking an intentionally insecure JavaScript Web Application by Björn Kimminich, JS Unconf 2015, 25.04.2015
- So ein Saftladen! - Hacking Session für Developer (und Pentester) by Björn Kimminich, 17. OWASP Stammtisch Hamburg, 27.01.2015