How To Install OWASP Juice Shop Using Docker
Installing OWASP Juice Shop is a great way to learn web application security using a vulnerable application in a real-world-like setting. Here’s how it’s done:
- Docker creates a small, isolated environment called a container.
- It runs Juice Shop inside that container, using all its built-in configurations.
- You just open your browser and visit the app (no extra setup needed).
Here’s a simple guide to installing it on your local machine (works well inside a Kali VM too).
What is Docker?
Docker is a tool that lets you run applications in isolated environments called containers. Think of a container like a lightweight virtual machine, but way faster and more efficient. This is perfect for security tools, testing environments, and apps like Juice Shop.
Installing OWASP Juice Shop
Step 1: Install Docker
You need Docker installed so you can run containers like Juice Shop.
The first step is to update the list of available packages from your repositories. Once updated, we can install Docker from Ubuntu’s repository. docker.io is the name of the Docker package in Debian/Ubuntu. These commands are shown below:
sudo apt update
sudo apt install docker.io
Step 2: Download the Juice Shop Container
Next, we need to download the Juice Shop image from Docker Hub (which is like the App Store for Docker). bkimminich/juice-shop is the official name of the Juice Shop Docker image.
This is your pre-configured Juice Shop, wrapped up in a container, ready to run.
docker pull bkimminich/juice-shop
Step 3A: Run Juice Shop in a Container (Non-Persistent)
The next step is to launch Juice Shop using the following command:
docker run --rm -p 3000:3000 bkimminich/juice-shop
Here is what this command does:
- docker run starts a new container
- --rm automatically deletes the container when you stop it (great for keeping things clean, but it also means the container won’t persist)
- -p 3000:3000 maps port 3000 on your computer to port 3000 inside the container so you can access Juice Shop in your browser
- bkimminich/juice-shop tells Docker which image to run (in this case, Juice Shop)
This command launches Juice Shop and makes it accessible at http://localhost:3000
Step 3B (Alternative to 3A): Persistent Juice Shop Setup: Run Once, Restart Anytime
Want it to stay on the system and just restart it when needed? Yup, you can do that too. Here’s how:
First, create a named container (no --rm):
docker run -d --name juice-shop -p 3000:3000 bkimminich/juice-shop
Then, next time you reboot Kali or shut it down, you just do the following:
To Restart Juice Shop:
docker start juice-shop
To Stop Juice Shop:
docker stop juice-shop
To Delete Juice Shop (If Ever):
docker rm juice-shop
This way, you don’t re-download or re-create the container every time.
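The persistent setup from Step 3B as a re-runnable script, added here as an example and not part of the original post. It assumes you want the deliberately vulnerable app reachable only from your own machine, so it publishes on 127.0.0.1:3000:3000 (plain -p 3000:3000 listens on all interfaces); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: idempotent launcher for the named container from Step 3B.
NAME=juice-shop                  # container name used in Step 3B
IMAGE=bkimminich/juice-shop      # image pulled in Step 2
PUBLISH=127.0.0.1:3000:3000      # assumption: loopback only, not all interfaces

# Reads `docker port <container>` output on stdin, e.g.
#   3000/tcp -> 0.0.0.0:3000
# Prints every binding reachable from other hosts.
# Returns 0 when all bindings are loopback, 1 otherwise.
non_loopback_bindings() {
  rc=0
  while IFS= read -r line; do
    [ -n "$line" ] || continue
    host=${line##*" -> "}        # "0.0.0.0:3000" or "[::]:3000"
    host=${host%:*}              # drop the trailing ":port"
    case "$host" in
      127.*|"[::1]"|localhost) ;;
      *) printf '%s\n' "$line"; rc=1 ;;
    esac
  done
  return "$rc"
}

# Creates the container on first use, restarts it afterwards,
# then verifies how the port is actually published.
start_juice_shop() {
  if docker container inspect "$NAME" >/dev/null 2>&1; then
    docker start "$NAME" >/dev/null || return 1
  else
    docker run -d --name "$NAME" -p "$PUBLISH" "$IMAGE" >/dev/null || return 1
  fi
  if ! docker port "$NAME" | non_loopback_bindings; then
    echo "warning: $NAME is published on a non-loopback address" >&2
    return 1
  fi
  echo "Juice Shop is running at http://localhost:3000"
}

# Only touch Docker when asked to: sh juice.sh start
if [ "${1:-}" = "start" ]; then start_juice_shop; fi
```

If the warning appears for a container created earlier with -p 3000:3000, remove it with docker rm juice-shop and run the script again so it is recreated with the loopback binding.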
Congrats, you’ve just leveled up your cyber XP! Catch you in the next post!