ExecTech Webinar #1 - Learn to Hack Modern Websites with OWASP Juice Shop

Wed., Oct. 27, 2021, 11am to Noon

Location: Online at http://mtug.webex.com

Ben Allen -- an experienced penetration testing manager and force behind the local hacker / security learning collaborative DC207 -- gives the audience an understanding of what security testing looks like for web applications, as well as some basics on how to perform web application security testing, and some resources to learn more.

Session Description:

Have you ever thought about getting into web application hacking? Maybe you know a few things and you would like to sharpen your skills in testing modern single page web applications? Well, this is the session for you. In this guided hacking workshop tour, Ben Allen (www.dc207.org) digs in to one of OWASP's flagship projects, Juice Shop (owasp.org/www-project-juice-shop). Juice Shop emulates an ecommerce web application and is meant to show how modern JavaScript-based applications can be compromised.

In this follow-along workshop we will cover:

• What OWASP Juice Shop is
• How to deploy your own Juice Shop on the internet for free
• How to set your computer up for testing
• How to hunt for bugs
• An interactive walk-through of a few challenges 

Speakers

Benjamin Allen

Lead organizer, DC207.org, / Manager, Penetration Testing, Trinity Health

Ben Allen is the organizing force between the vibrant DC207 (DefCon207) hacking / cybersecurity education and information sharing collaborative (visit them online at dc207.org). In addition, Ben has served in tech administration and lead cybersecurity roles in a variety of health care organizations.

Resource Links for this Session: 

Slides: OWASP Juice Shop - Presentation (16:9) (canva.com)

Mainesec Slack: http://mainesec.org

OWASP Juice Shop Manual: https://pwning.owasp-juice.shop

Hosting Provider: heroku.com

Web Hacking Course: webhacking.dc207.org

DC207: www.dc207.org