An intentionally insecure RIA suitable for pen testing and security awareness trainings written in Node, Express and Angular. Heavily inspired by the "classic" BodgeIt Store by @psiinon.

Translating "dump" or "useless outfit" into German yields "Saftladen" which can be reverse-translated word by word into "juice shop". Hence the name of this project.

• Easy to install: Just requires node.js
• Self contained: Additional dependencies will be resolved and downloaded automatically
• No external DB: A simple file based SQLite database is used which is wiped and regenerated on server startup
• Open source: No hidden costs or caveats

1. Install node.js
2. Run npm install (only has to be done before first start or when you change the source code)
3. Run npm start
4. Browse to http://localhost:3000

• If you are experiencing Error 128 from some GitHub repos during bower_install.js execution, run git config --global url."https://".insteadOf git:// and try npm install again

You may find it easier to find vulnerabilities using a pen test tool. I strongly recommend Zed Attack Proxy which is open source and very powerful, yet beginner friendly.