Hello All
Welcome to the Practical Demonstration of Web Application Hacking. Here we are going to learn about various web vulnerabilities, how to hunt for them on a target, and how to exploit them.
Before we begin to hunt, we should choose a target that is in scope. Here we are going to choose the OWASP (Open Web Application Security Project) Juice Shop project, which is an insecure web application, as our target.
When we hunt, it's important to look at every target in its own right. We are going to look at the OWASP Juice Shop. In this demonstration you will be shown all the topics we went over and which parameters we will be using to test. Not all of our tests will lead to existing issues, but we still have to do all these tests. We are no longer practicing right now; this is bug bounties.
In general, if we want to hunt bugs on a target, we search for the application and then start hunting. Here, however, we are choosing OWASP Juice Shop, an insecure application, as our web target. This website requires installation, so we will now see how to install it.
Here I am choosing Heroku for installing our Juice Shop, as it is free and easy to use. You can also choose other ways, like installing the Docker image.
Step 1: Go to https://www.heroku.com/ and sign up for an account if you do not have one.
If you already have an account, go to Step 2.
Then confirm your email, and you will see a page for setting up your password, like the one below.
Enter your password and proceed by clicking on Set Password and Log In, and you will be seeing a