7MS #606: Hacking OWASP Juice Shop (2024 edition)
Today our pals Bjorn Kimminich from OWASP and Paul from Project7 and TheUnstoppables.ai join us as we kick off a series all about hacking the OWASP Juice Shop, which is "probably the most modern and sophisticated insecure web application!" We got a few wins on the Juice Shop score board today:
- Found the score board
- Bullied the chatbot
- Fired a DOM XSS
- Located a confidential document
- Gave the Juice Shop a devastating zero stars review
- Fired a DOM XSS which played the OWASP Juice Shop Jingle