SUMMARY.md

Summary

Preface

• Why OWASP Juice Shop exists
• Architecture overview

Part I - Hacking preparations

• Hacking preparations
• Running OWASP Juice Shop
• Vulnerability categories
• Challenge tracking
• Hacking exercise rules
• Walking the "happy path"
• Customization
• Hosting a CTF event

Part II - Challenge hunting

• Challenge hunting
• Finding the Score Board
• Injection
• Broken Authentication
• Sensitive Data Exposure
• XML External Entities (XXE)
• Improper Input Validation
• Broken Access Control
• Security Misconfiguration
• Cross Site Scripting (XSS)
• Insecure Deserialization
• Vulnerable Components
• Security through Obscurity
• Unvalidated Redirects
• Broken Anti-Automation
• Cryptographic Issues
• Miscellaneous

Part III - Getting involved

• Getting involved
• Provide feedback
• Contribute to development
• Codebase 101
• Help with translation
• Hacking Instructor tutorial scripts
• Donations

Appendix

• Challenge solutions
• Trainer's guide
• Troubleshooting
• Cheat detection
• Coding challenges
• Integration
• Monitoring
• Chatbot training data
• Jingle lyrics

Postface

• About this book