Install OWASP Juice Shop on Kali Linux - Guide for Burp Suite - Techpanther

This article is part of the Guide for Burp Suite series. In the previous article, we saw how to install Burp's CA (Certificate Authority) certificate in the Firefox browser so that you can intercept HTTPS traffic in Burp Suite. Now we'll move forward and see what OWASP Juice Shop is and how to install it on Kali Linux using Docker. So let's get started.

In this article, we are going to install OWASP Juice Shop using Docker on Kali Linux. We have chosen it because this application lets you practice attacking a Node.js back end with an AngularJS front end.

Introduction to OWASP Juice Shop

OWASP Juice Shop is a deliberately vulnerable modern web application built on a current single-page web application stack. Juice Shop is written in Node.js, Express, and Angular. It was the first application written entirely in JavaScript listed in the OWASP Vulnerable Web Application Directory. The application contains a vast number of hacking challenges of varying difficulty where the user is supposed to exploit the underlying vulnerabilities. The hacking progress is tracked on a scoreboard.

OWASP Juice Shop is free software. You can redistribute it and/or modify it under the terms of the MIT License. OWASP Juice Shop and any contributions are Copyright © by Bjoern Kimminich 2014-2020. A public instance of the OWASP Juice Shop is already available at https://juice-shop.herokuapp.com. In this part, we will install OWASP Juice Shop using Docker on the Kali Linux machine.
In the steps below, we will install Docker, then pull the OWASP Juice Shop image from Docker Hub and run an instance of the image on localhost.

Install Docker

1. Docker is already available in the Kali Linux repository. You can install it with the apt-get command by running the command below.
2. After successfully downloading and installing Docker on the Kali Linux machine, we need to start the Docker service by running the command below.
3. You can check whether the Docker service is running using the command below.

Install OWASP Juice Shop

1. Once Docker is installed and running, the first thing we need to do is pull the OWASP Juice Shop files locally. To do this, run the command below.

2. We now have all the files related to OWASP Juice Shop locally, so we can start Juice Shop by running the command below. This will bind the service to port 3000.
When the Docker command line prints "Server listening on port 3000", it means that the service is ready to use.
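The steps from both lists above, collected into one script as an added example (not code from the original article). It assumes the `docker.io` package from the Kali repository and the `bkimminich/juice-shop` image on Docker Hub; the helper names, the `juice-shop` container name, the detached run with a log follow, and the loopback-only port binding are choices made for this example so that the deliberately vulnerable application is not published on other network interfaces.

```bash
#!/usr/bin/env bash
# Added example: the article's install-and-run steps as one script.
# Dry run by default (commands are only printed); APPLY=1 executes them.
IMAGE="bkimminich/juice-shop"   # Juice Shop image on Docker Hub
BIND="127.0.0.1"                # assumption: publish on loopback only
PORT=3000                       # port the article binds the service to

run() {                         # echo the command, run it only if APPLY=1
  echo "+ $*"
  if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

publish_spec() { echo "${BIND}:${PORT}:${PORT}"; }

# Reads `docker port <container>` output on stdin; fails if any mapping
# is published on a non-loopback address such as 0.0.0.0 or [::].
loopback_only() {
  while IFS= read -r line; do
    case "$line" in
      "" | *"-> 127.0.0.1:"* | *"-> [::1]:"*) ;;
      *) return 1 ;;
    esac
  done
  return 0
}

install_and_run() {
  run sudo apt-get update
  run sudo apt-get install -y docker.io          # Install Docker, step 1
  run sudo systemctl start docker                # step 2: start the service
  run sudo systemctl status docker --no-pager    # step 3: confirm it runs
  run sudo docker pull "$IMAGE"                  # Install Juice Shop, step 1
  run sudo docker run --rm -d --name juice-shop \
      -p "$(publish_spec)" "$IMAGE"              # step 2: start on port 3000
  if [ "${APPLY:-0}" = "1" ]; then
    sudo docker port juice-shop | loopback_only ||
      echo "WARNING: juice-shop is reachable beyond loopback" >&2
    # Follow the log until "Server listening on port 3000" appears.
    sudo docker logs -f juice-shop
  fi
}

install_and_run
```

With this mapping the application answers on http://127.0.0.1:3000 only; Ctrl+C stops following the log, and `sudo docker stop juice-shop` removes the container.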

After running this successfully, you can open Juice Shop in the browser by accessing the "http://localhost" URL. As you can see, OWASP Juice Shop is running properly in the browser.

Now you can use OWASP Juice Shop to test your hacking skills. Congratulations! We have successfully installed OWASP Juice Shop on the Kali Linux machine. In the next part, we will see how we can use Burp Suite.
