An intentionally insecure RIA suitable for pen testing and security awareness trainings written in Node, Express and Angular. Heavily inspired by the "classic" BodgeIt Store by @psiinon.
Translating "dump" or "useless outfit" into German yields "Saftladen" which can be reverse-translated word by word into "juice shop". Hence the name of this project.
- Easy to install: Just requires node.js
- Self contained: Additional dependencies will be resolved and downloaded automatically
- No external DB: A simple file based SQLite database is used which is wiped and regenerated on server startup
- Open source: No hidden costs or caveats
- Install node.js
- Run
npm install(only has to be done before first start or when you change the source code) - Run
npm start - Browse to http://localhost:3000
You may find it easier to find vulnerabilities using a pen test tool. I strongly recommend Zed Attack Proxy which is open source and very powerful, yet beginner friendly.
