OWASP Juice Shop v10.0.0 released
Tuesday, March 17, 2020
live from the beach of Cancun at the OWASP Projects Summit was a really
unique event. The summit allowed us to really concentrate on some larger
long-term ideas we had.
One of them was harmonizing the UI/UX, especially in the recently extended checkout process. Another was adding more tutorial scripts for the Hacking Instructor that guides beginners through some of the easier challenges in the Juice Shop.
But also some spontaneous ideas were implemented in Mexico, such as a
GitHub Action called LMLFTFY (“Let me
lint:fix that for you”) that -
if necessary - does exactly what the name suggests after each
Juice Shop 10 also contains many other enhancements from before the summit: The Angular 8 to 9 migration; a refactoring of the structure & naming in the customization YAML file format; a brand new Prometheus metrics endpoint that delivers application health stats, “business KPIs” and challenge progress information.
The summit allowed us to really concentrate on some larger long-term ideas we had.
The latter already has one happy consumer: The convenient
platform already adds a fancy Grafana dashboard per Juice Shop instance
running on it. The metrics can for example help trainers to keep track
of how their students are doing with challenges. They also allow them to
provide better technical troubleshooting thanks to real-time log
monitoring. Please note that only MultiJuicer 3.x is compatible with
Juice Shop 10.x.
As always, you can find the fully updated
companion guide to OWASP Juice Shop online
in various eBook formats on LeanPub!
Latest additions to Pwning OWASP Juice Shop include: Recommendations
how to teach automation of security tools
using OWASP Juice Shop; a
guide to writing Hacking Instructor tutorials;
for making your own Juice Shop theme.
Juice Shop 10 comes with Angular 9, harmonized UI/UX, additional tutorials and much more shenanigans!
One last thing: If you’d like to help us make the Juice Shop even better, please consider filling out our annual online survey and tell us more about your Juice Shop use cases, runtime environment, experience and feedback!