This article is part of the Guide for Burp Suite series. In the previous article, we saw how to install Burp’s CA (Certificate Authority) certificate in the Firefox browser so that you can intercept HTTPS traffic in Burp Suite. Now we’ll move on and see what OWASP Juice Shop is and how to install it on Kali Linux using Docker. So let’s get started.
In this article, we are going to install OWASP Juice Shop using Docker on Kali Linux. We have chosen this application because it lets you practice attacking a Node.js back end with an AngularJS front end.
Introduction to OWASP Juice Shop
OWASP Juice Shop is free software. You can redistribute it and/or modify it under the terms of the MIT License. OWASP Juice Shop and any contributions are Copyright © by Bjoern Kimminich 2014-2020. A public instance of OWASP Juice Shop is already available at https://juice-shop.herokuapp.com. In this part, we will install OWASP Juice Shop using Docker on the Kali Linux machine.
In the steps below, we will install Docker, then pull the OWASP Juice Shop image from Docker Hub and run an instance of the image on localhost.
1. Docker is already available in the Kali Linux repository, so you can install it with the apt-get command. Run the command below.
apt-get install docker.io
2. After Docker has been downloaded and installed on the Kali Linux machine, start the Docker service by running the command below.
service docker start
3. You can check whether the Docker service is running with the command below.
service docker status
Install OWASP Juice Shop
1. Once Docker is installed and running, the first thing we need to do is pull the OWASP Juice Shop image locally. To do this, run the command below.
docker pull bkimminich/juice-shop
2. We now have all the files for OWASP Juice Shop locally, so we can start Juice Shop by running the command below. This binds the service to port 3000.
docker run --rm -p 3000:3000 bkimminich/juice-shop
When the Docker command line prints “Server listening on port 3000” it means that the service is ready to use.
After running this successfully, you can open Juice Shop in the browser by accessing the http://localhost:3000 URL. As you can see, OWASP Juice Shop is running properly in the browser.
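Juice Shop is an intentionally vulnerable application, and "-p 3000:3000" publishes it on every network interface of the Kali machine. The script below is an added example, not part of the original article: it starts the same image bound to 127.0.0.1 only, waits for it to answer, and checks the `docker port` output for non-loopback bindings. The container name `juice-shop-lab`, the `exposed_bindings` helper and the use of `curl` are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the article): run Juice Shop on loopback only, then audit it.
IMAGE="bkimminich/juice-shop"   # image name used in the article
NAME="juice-shop-lab"           # container name: assumption of this example

# Constructed sample of `docker port` output after the article's "-p 3000:3000".
SAMPLE_DEFAULT='3000/tcp -> 0.0.0.0:3000
3000/tcp -> [::]:3000'

# Reads `docker port` output on stdin and prints every binding that is not on
# a loopback address. Returns 0 if none is found, 1 otherwise.
exposed_bindings() {
    eb_rc=0
    while IFS= read -r eb_line; do
        [ -n "$eb_line" ] || continue
        eb_host="${eb_line##*-> }"   # "0.0.0.0:3000", "[::]:3000", ...
        eb_host="${eb_host%:*}"      # drop the trailing ":port"
        case "$eb_host" in
            127.*|"[::1]") ;;                       # loopback only: fine
            *) printf '%s\n' "$eb_line"; eb_rc=1 ;; # any other address
        esac
    done
    return "$eb_rc"
}

start_lab() {
    # Publish on 127.0.0.1 only, so other hosts on the network cannot reach it.
    docker run -d --rm --name "$NAME" -p 127.0.0.1:3000:3000 "$IMAGE" >/dev/null || return 1
    i=0
    # Poll for up to 60 seconds until the application answers (needs curl).
    until curl -fs -o /dev/null http://127.0.0.1:3000/; do
        i=$((i + 1))
        [ "$i" -lt 30 ] || { echo "Juice Shop did not come up" >&2; return 1; }
        sleep 2
    done
    if docker port "$NAME" | exposed_bindings; then
        echo "Juice Shop is up at http://127.0.0.1:3000 (loopback only)"
    else
        echo "WARNING: the bindings listed above are reachable from the network" >&2
        return 1
    fi
}

case "${1:-}" in
    start)  start_lab ;;
    sample) printf '%s\n' "$SAMPLE_DEFAULT" | exposed_bindings ;;  # prints both lines
esac
```

Save it as a file of your choice and run it with the `start` argument; `docker stop juice-shop-lab` removes the container again because of `--rm`.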
Now you can use OWASP Juice Shop to test your hacking skills. Congratulations! We have successfully installed OWASP Juice Shop on the Kali Linux machine. In the next part, we will see how we can use Burp Suite.