7MS #230: Pentesting OWASP Juice Shop - Part 1
Be sure to scroll down and view the whole post as there is both audio and video coverage of today's episode!
Get ready to hack!
In the video, I walk you through getting Burp Suite configured, and also how to get your Web browser to proxy traffic through it using tools like FoxyProxy. And although it's slightly out of scope for attacking the Juice Shop, I also show you how to install the Burp CA cert so you can pentest HTTPS sites in the future.
Pwn some admin creds
I close the video by demonstrating a SQL injection attack against the Juice Shop login form, which gets us administrative access to the application and puts us in a good position to annihilate a ton of the app's vulnerabilities on the next 7MS episode!
Here's the complementary video content for today's audio podcast: