Packages and Binaries:

juice-shop

Insecure web application
This package contains a modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications!

WARNING: Do not upload it to your hosting provider’s public html folder or any Internet facing servers, as they will be compromised.

Installed size: 1.04 GB
How to install: sudo apt install juice-shop

Dependencies:
  • adduser
  • kali-defaults
  • libc6
  • libgcc-s1
  • libnode137
  • libstdc++6
  • lsof
  • npm
  • xdg-utils
juice-shop
root@kali:~# juice-shop -h
┏━(Message from Kali developers)
┃
┃ The command juice-shop is deprecated. Please use juice-shop-start instead.
┃
┗━
juice-shop-start
root@kali:~# juice-shop-start -h

┏━(Message from Kali developers)
┃ 
┃ Service status:
┃   * juice-shop.service - juice-shop web application
┃        Loaded: loaded (/usr/lib/systemd/system/juice-shop.service; 5:185mdisabled; preset: 5:185mdisabled)
┃        Active: active (running) since Wed 2026-05-27 07:46:31 EDT; 5s ago
┃    Invocation: 0a35d1ce8e74493091093b56e6895180
┃      Main PID: 909154 (npm start)
┃         Tasks: 235:245m (limit: 9276)
┃        Memory: 301.5M (peak: 319.7M)
┃           CPU: 2.533s
┃        CGroup: /system.slice/juice-shop.service
┃                |-5:245m909154 "npm start"
┃                |-5:245m909167 sh -c "node build/app"
┃                `-5:245m909168 node build/app
┃   
┃   May 27 07:46:33 kali npm[909168]: info: Required file server.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file index.html is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file styles.css is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file main.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file runtime.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file tutorial.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file vendor.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Port 42000 is available (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Chatbot training data botDefaultTrainingData.json validated (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Domain https://www.alchemy.com/ is reachable (OK)
┃ 
┗━
juice-shop-stop
root@kali:~# juice-shop-stop -h

┏━(Message from Kali developers)
┃ 
┃ Service status:
┃   * juice-shop.service - juice-shop web application
┃        Loaded: loaded (/usr/lib/systemd/system/juice-shop.service; 5:185mdisabled; preset: 5:185mdisabled)
┃        Active: inactive (dead)
┃   
┃   May 27 07:46:33 kali npm[909168]: info: Required file runtime.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file tutorial.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Required file vendor.js is present (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Port 42000 is available (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Chatbot training data botDefaultTrainingData.json validated (OK)
┃   May 27 07:46:33 kali npm[909168]: info: Domain https://www.alchemy.com/ is reachable (OK)
┃   May 27 07:46:37 kali systemd[1]: Stopping juice-shop.service - juice-shop web application...
┃   May 27 07:46:37 kali systemd[1]: juice-shop.service: Deactivated successfully.
┃   May 27 07:46:37 kali systemd[1]: Stopped juice-shop.service - juice-shop web application.
┃   May 27 07:46:37 kali systemd[1]: juice-shop.service: Consumed 2.684s CPU time over 6.192s wall clock time, 319.7M memory peak.
┃ 
┗━


Updated on: 2026-May-25