Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF

Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"

Demo - how to easily build security testing for Web App, using Zap and Glue

All Labs of the Security for Developers Training

bustme is a directory brute forcing tool that assesses if pages exist according to the returned response body.

Universal Prompt Security Standard (UPSS): A framework for externalizing, securing, and managing LLM prompts and genAI systems, inspired by and extending OWASP OPSS concepts for any organization or project.

owasp juice chop ctf tryhackme walkthrough

Bash script to install docker and OWASPs juice-shop vulnerable webapp. Run this and browse to http://localhost:3000

A CI/CD Security Pipeline with OWASP ZAP & GitHub Actions

A CI/CD Security Pipeline with OWASP ZAP & GitHub Actions with Terraform

Projeto de Pentest em aplicação web, OWASP Juice Shop, com identificação de vulnerabilidades e sugestão de correção. como entrega de atividade do programa Desenvolve do Grupo Boticário em parceria com a Alura.

Comprehensive Write-ups for OWASP Juice Shop challenges, organized by OWASP Top 10 vulnerabilities

Cybersecurity portfolio project: OWASP Juice Shop pentest with Critical/High findings, risk ratings, and a consulting-style PDF report.

A RESTful API brute-forcing tool in Go for ethical hacking practice. **Gobrute** is built for testing login passwords with multithreading, progress tracking, and customizable payloads, ideal for controlled environments like OWASP Juice Shop.

IaC for IAST of OWASP Juice Shop app.

Internship capstone on OWASP Juice Shop — Web App Vulnerability Assessment & Report

End-to-end web application security assessment of OWASP Juice Shop, including vulnerability identification, manual exploitation and detailed remediation reports.

Performance testing framework for OWASP Juice Shop using JMeter: load, stress, spike & endurance tests, CI/CD with GitHub Actions & automated HTML dashboards

aboratório de Pentest focado em SQL Injection e Evasão de WAF (ModSecurity). Inclui infraestrutura Docker, relatórios técnicos e automação em Python.

This repository contains the instructions and yaml files to launch OWASP Juice Shop vulnerable website for learning web application pentesting and it is deployed on Kubernetes.

Cyber Security Internship Program at Future Interns!--(Task_01)

Exceedingly Thorough Playwright Testing Suites (Vol. I) (WIP)

Vulnerable Login System (SQLi Lab). HTML/MySQL architecture designed with intentional security holes. For research and security training only! 🔐🚀🏗️

Writeup for cryptography issue's vulnerability - forged coupon

Infrastructure as Code (IaC) for OWASP Juice Shop environment. Containerized setup using Docker to support automated testing pipelines.

Exploited a Reflected XSS vulnerability to inject a client-side keylogger payload. Implemented an instant JavaScript redirect to mask the attack and successfully exfiltrate simulated credit card information to a Netcat listener.

Vulnerability Assessment report on OWASP Juice Shop v17.2.0, vulnerabilities mapped to MITRE frameworks for educational purposes.

A repository documenting bug reports, vulnerability findings, and security analysis performed on OWASP Juice Shop for learning and responsible security research.