Special OWASP LA Hands-on Juice Shop Hacking Session - October 10, 2017
Details
Speaker: Timo Pagel
Topic: Hands on Juice Shop Hacking Session
OWASP Juice Shop is an intentionally insecure web application written in Node.js, Express and AngularJS. It was created as an exercise and training environment for developers, quality engineers and penetration testers alike. It also does a good job as a security awareness raiser. So every skill level from web application beginner to expert is welcome to join!
In this session you can try your hacking skills on this application!
With almost 40 hacking challenges (categorized into 5 difficulty levels) everyone will be busy and challenged for the entire duration of the session, independent of pre-existing knowledge!
Agenda:
(1) 10min - "lightning sales pitch" on the project
(2) 5min - "happy path" shopping spree
(3) 90min+ - "hands on hacking" session in pairs on individual Juice Shop installations
(4) 10min+ - "closing note and autohacking" where the e2e test suite solves all challenges automatically
Prerequisites:
Please come with OWASP Juice Shop installed on your laptop or at your favorite cloud provider! This will save a lot of time at the event. Please check the installation instructions for all possible options to host the application (see https://github.com/bkimminich/juice-shop#setup).
Also make sure you have a browser with developer tools ready. A resource to keep open during the hacking session is the OWASP Top 10 (see https://www.owasp.org/images/f/f8/OWASP_Top_10_-_2013.pdf).
Bio:
Timo Pagel is a web developer and system administrator who is passionate about security. As an IT consultant, he integrates security into the continuous delivery pipeline and the processes behind it.