Thursday
Room 6 - OWASP
11:40 - 12:40
(UTC+01)
Talk (60 min)
OWASP Juice Shop: Take your security vitamins!
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications
In this talk, the project leaders Björn Kimminich and Jannik Hollenbach will introduce you to the project, its core features and a lot of interesting use cases. We will cover at least the following:
- Happy path shopping tour through the OWASP Juice Shop
- Hacking some security challenges within Juice Shop
- How you can run Juice Shop for yourself very easily
- Hosting team events or CTFs with the help of MultiJuicer
- How Juice Shop and MultiJuicer work behind the scenes
- Helping the project with coding, challenges, and translations
We will close with an look into the OWASP Juice Shop roadmap and maybe even talk about the challenges of managing open source projects in the age of ever-present AI slop. To end on a positive note, we will hopefully have a chance to listen to the official Juice Shop song.
Jannik Hollenbach
Project Lead OWASP Juice Shop and OWASP secureCodeBox
Björn Kimminich
Björn works as Product Group Lead Application Ecosystem at Kuehne+Nagel, responsible – among other things – for the Application Security program in the corporate IT. He is an OWASP Lifetime Member, the project leader of the OWASP Juice Shop, and a co-chapter leader for the OWASP Germany Chapter. Björn also currently chairs the OWASP Project Committee.