Packages and Binaries:
juice-shop
Insecure web application
This package contains a modern and sophisticated insecure web application! It
can be used in security trainings, awareness demos, CTFs and as a guinea pig
for security tools! Juice Shop encompasses vulnerabilities from the entire
OWASP Top Ten along with many other security flaws found in real-world
applications!
WARNING: Do not upload it to your hosting provider’s public html folder or any Internet facing servers, as they will be compromised.
Installed size: 1.01 GB
How to install: sudo apt install juice-shop
Dependencies:
- adduser
- libc6
- libgcc-s1
- libnode127
- libstdc++6
- lsof
- npm
- xdg-utils
juice-shop
root@kali:~# juice-shop -h
[*] Please wait for the Juice-shop service to start.
[*]
[*] You might need to refresh your browser once it opens.
[*]
[*] Web UI: http://127.0.0.1:42000
juice-shop-stop
root@kali:~# juice-shop-stop -h
* juice-shop.service - juice-shop web application
Loaded: loaded (/usr/lib/systemd/system/juice-shop.service; disabled; preset: disabled)
Active: inactive (dead)
Mar 13 03:36:11 kali npm[1137817]: info: Required file tutorial.js is present (OK)
Mar 13 03:36:11 kali npm[1137817]: info: Required file runtime.js is present (OK)
Mar 13 03:36:11 kali npm[1137817]: info: Required file vendor.js is present (OK)
Mar 13 03:36:11 kali npm[1137817]: info: Port 42000 is available (OK)
Mar 13 03:36:11 kali npm[1137817]: info: Chatbot training data botDefaultTrainingData.json validated (OK)
Mar 13 03:36:11 kali npm[1137817]: info: Domain https://www.alchemy.com/ is reachable (OK)
Mar 13 03:36:23 kali systemd[1]: Stopping juice-shop.service - juice-shop web application...
Mar 13 03:36:23 kali systemd[1]: juice-shop.service: Deactivated successfully.
Mar 13 03:36:23 kali systemd[1]: Stopped juice-shop.service - juice-shop web application.
Mar 13 03:36:23 kali systemd[1]: juice-shop.service: Consumed 5.696s CPU time over 16.282s wall clock time, 282.1M memory peak.
Updated on: 2026-Mar-13