7MS #606: Hacking OWASP Juice Shop (2024 edition)

Today our pals Bjorn Kimminich from OWASP and Paul from Project7 and TheUnstoppables.ai join us as we kick off a series all about hacking the OWASP Juice Shop, which is "probably the most modern and sophisticated insecure web application!" We got a few wins on the Juice Shop score board today:

  • Found the score board
  • Bullied the chatbot
  • Fired a DOM XSS
  • Located a confidential document
  • Gave the Juice Shop a devastating zero stars review
  • Fired a DOM XSS which played the OWASP Juice Shop Jingle