Showing posts from August, 2018

Setting up JuiceShop in Heroku

The purpose of this post is to provide information about setting up a free instance of JuiceShop in Heroku for use with a CTF. Please read the steps below carefully. NOTICE If you create a new account, you will be required to supply a valid credit card number. The Heroku service is free to use, but it is still a business that wants to make money. If you use the free tier, your card will not be charged. If you add options outside of what is spelled out in this document, you are liable for any expenses that you incur. Please don’t go past the ropes unless you know how to swim. OWASP is not responsible for any charges that you may incur from the use of the Heroku service. More information about Heroku’s free tier and pricing can be found here . NOTICE PART DEUX This event is a simple web application capture the flag. There should be no need for you to use denial of service tactics or network attack tools as part of this event. Technically, everything you need is righ