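# Branding and UI customization for an OWASP Juice Shop instance themed
# after "7 Minute Security".
# NOTE(review): key nesting was reconstructed from a listing without
# indentation; verify it against the application's default configuration.
application:
  domain: 7-ms.us
  name: '7 Minute Security'
  # logo, favicon and the avatars below are URLs on third-party hosts, so
  # their availability and content are outside this repository's control.
  logo: 'https://static1.squarespace.com/static/59f9e1c4d0e6281017434039/t/59fd39cde31d1945635d5fbb/1530161239161/7.png'
  favicon: 'https://7minsec.com/favicon.ico'
  theme: blue-lightblue
  showGitHubLinks: true
  altcoinName: Sevencoin
  privacyContactEmail: 'donotreply@7-ms.us'
  customMetricsPrefix: sevenminsec
  chatBot:
    name: 'Brian'
    # <customer-name> and <bot-name> look like placeholders filled in by the
    # application at runtime — confirm.
    greeting: "Hi <customer-name>, it's me, your friend and pal <bot-name>!"
    # The raw gist URL carries a revision hash in its path, which pins the
    # training data to one revision. It is still remote JSON from a
    # third-party host; review the pinned content before trusting it.
    trainingData: 'https://gist.githubusercontent.com/bkimminich/d62bd52a1df4831a0fae7fb06062e3f0/raw/59dadc1e0ab1b5cb9264e85bc78736aaa3f0eb6b/bot7msTrainingData.json'
    defaultResponse: "Sorry, but \"no comprende\"!"
    avatar: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/94c89793-630d-41a4-9976-91fef527f8d0/BrianJohnson-headshot-2022-2-small.png?format=500w'
  social:
    # null entries presumably leave the corresponding link unset — confirm.
    twitterUrl: 'https://twitter.com/7MinSec'
    facebookUrl: null
    slackUrl: 'https://7ms.us/slack'
    redditUrl: null
    pressKitUrl: null
    nftUrl: null
    questionnaireUrl: null
  recyclePage:
    # Bare file names; they match the file names of two product image URLs
    # in the product list (bm-small.jpg, tommyboy.jpeg).
    topProductImage: bm-small.jpg
    bottomProductImage: tommyboy.jpeg
  welcomeBanner:
    showOnFirstStart: false
  cookieConsent:
    message: 'If you stay on this website for more than 7 minutes our cookies will start tracking you.'
    dismissText: 'I`ll be long gone by then!'
    linkText: 'But I want to stay an arbitrary number of minutes!'
    linkUrl: 'https://7ms.us/7ms-294-gdpr-me-asap/'
  securityTxt:
    contact: 'mailto:donotreply@7-ms.us'
    # Explicit null: no encryption key is configured for the security.txt
    # entry.
    encryption: null
  easterEggPlanet:
    name: 'Mad Billy-7'
    overlayMap: 'https://static1.squarespace.com/static/59505bc2414fb538a0532c76/t/599e266aebbd1a759716569b/1503536748248/logo+2.png'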
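# Challenge-specific overrides.
challenges:
  # HTML snippet tied to the XSS bonus challenge (per the key name). It is an
  # <iframe> that embeds a third-party SoundCloud player with auto_play=true.
  # The value contains no single quotes, so the single-quoted scalar needs no
  # escaping; keep it on one line so the string is not altered by folding.
  xssBonusPayload: '<iframe width="100%" height="166" scrolling="no" frameborder="no" allow="autoplay" src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/265098051&color=%23ff5500&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true"></iframe>'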
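# Avatar for the in-app hacking instructor; the same third-party image URL
# is used for the chat bot avatar.
hackingInstructor:
  avatarImage: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/94c89793-630d-41a4-9976-91fef527f8d0/BrianJohnson-headshot-2022-2-small.png?format=500w'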
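# Product catalogue for the themed shop.
# NOTE(review): key nesting was reconstructed from a listing without
# indentation; verify it against the application's default configuration.
#
# Several descriptions embed inline HTML (<em>, <strong>, <a>). That only
# has an effect if the application renders descriptions as markup, so
# description text should come from trusted authors only.
# Images are either full URLs on third-party hosts or bare file names; a
# bare name (bm-small.jpg, hqdefault.jpg) matches the file name of a URL
# used by an earlier product — presumably the same file is reused, confirm.
products:
  - name: 'Security Assessment'
    price: 1999.99
    description: 'Rather than just pointing out the gaps in your administrative, physical and technical controls, 7 Minute Security will partner with you to help formulate - and execute - a measurable remediation plan.'
    image: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/1618506026604-MMMHZED4KRAPGNEBL50V/website_photos_securityassessments01.jpg?format=750w'
  - name: 'Penetration Test'
    description: '<em>"Can the bad guys get in?"</em> An internal and/or external network penetration test will gauge your organization`s defenses and help answer that question. After the test, 7 Minute Security will work with you on the technical defenses you need to put in place.'
    price: 1899.99
    image: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/1618506146888-XHHF0XYUR6D3YK46F3OJ/website_photos_pentesting01.jpg?format=750w'
  - name: Training
    description: '7 Minute Security can train your employees to not only be more secure at work, but carry that security-focused attitude into everything they do at home as well. More tech-heavy sessions are available as well, such as <em>Penetration Testing 101</em> and <em>Intro to Windows System Forensics</em>.'
    price: 899.99
    image: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/1618506195524-DNXS4OW3C65ZVKX7O3QQ/website_photos_training.jpg?format=750w'
    reviews:
      - text: 'Wow, that lady can fingerpoint IPs like a pro!'
        author: bender
  - name: 'Billy Madison 1.1'
    description: 'Billy Madison is a vulnerable virtual machine, hosted by Vulnhub. To successfully pwn the box, pentesters must undo modifications to the system and recover Billy’s 12th grade project. Otherwise Eric and his weasel laugh will take over Madison Hotels!'
    price: 999.99
    image: 'https://static1.squarespace.com/static/59f9e1c4d0e6281017434039/t/5a01bef9c83025f467396e34/1510063870501/bm-small.jpg'
    # Link tied to the product-tampering challenge (per the key name).
    urlForProductTamperingChallenge: 'https://www.vulnhub.com/entry/billy-madison-11,161/'
  - name: 'Billy Madison 1.0'
    description: 'Christmas Special Re-Release Edition of the famous VulnHub VM! Rare collectors item! Available only Christmas 2014!'
    price: 12999.99
    image: bm-small.jpg
    # Marks this entry as the product of the Christmas-special challenge.
    useForChristmasSpecialChallenge: true
  - name: 'Tommy Boy 1.0'
    description: 'Tommy Boy is a vulnerable virtual machine, hosted by VulnHub and based one of my all-time favorite movies. To complete the CTF, pentesters must bring the Callahan Auto brakepad ordering system back online before the company goes out of business.'
    price: 799.99
    image: 'https://static1.squarespace.com/static/59f9e1c4d0e6281017434039/t/5a01bfaa71c10b9d51d59d2e/1510081203010/tommyboy.jpeg'
  - name: 'CryptoLocker`d (Audio CD)'
    description: 'A few years ago a worked on an incident response where a user got phished with a promise of a free burrito from Chipotle but instead got a free order of CryptoLocker! And rather than tell IT or sound the alarms, the user just left for the day! The next day they came back and the company was digitally on fire, and they played ignorant to what was going on. I found the user`s handling of the situation humorous (read: not the CryptoLocker infection itself!), so I was inspired to write a song about it.'
    price: 19.99
    image: 'https://pbs.twimg.com/media/Dc3BuBPXUAAswae.jpg'
    # File name tied to the blueprint-retrieval challenge.
    # NOTE(review): the extension is ".mps" as written — confirm it is
    # intentional.
    fileForRetrieveBlueprintChallenge: The+CryptoLocker+Song.mps
    # A single explicit null entry: no EXIF values are supplied here.
    exifForBlueprintChallenge:
      - null
  - name: 'Sweet Surrender (Limited Edition Best of Audio CD)'
    description: 'Sweet Surrender is a vocals-driven acoustic duo from the Twin Cities area. Our music reflects a diverse range of our musical tastes - from the most current pop and country tunes on the radio today, to some great older tunes done with a twist. We also love to share music that reflects our love for Christ through the most current, contemporary Christian music.'
    price: 29.99
    image: 'https://static1.squarespace.com/static/59208d27c534a58e9b17ec06/t/59208d69197aea2df1397c7b/1505596635447.png'
    # Keywords tied to the pastebin data-leak challenge (per the key name).
    keywordsForPastebinDataLeakChallenge:
      - taylor swift
      - katy perry
  - name: '7MSagotchi'
    description: 'This cute little rascal is called a Pwnagotchi. It can look around like a champion!'
    price: 40
    image: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/1587693073228-8GDKF12U0LBBKO5XEPFA/image-asset.jpeg?format=2500w'
    reviews:
      - text: 'FlipperZero FTW!'
        author: bjoern
      - text: 'As you mentioned FlipperZero: @Brian, did you get one by now? Any chance we get this RTTTL version of the amazing JS jingle going? See https://github.com/juice-shop/pwning-juice-shop/issues/105 - Cheers!'
        author: bjoernOwasp
  - name: '7MS #230: Pentesting OWASP Juice Shop - Part 1'
    description: 'Today we`re kicking of a multipart series all about hacking the OWASP Juice Shop which is "an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws."'
    price: 1.99
    image: 'https://i.ytimg.com/vi/IC6m249zvI0/hqdefault.jpg'
  - name: '7MS #231: Pentesting OWASP Juice Shop - Part 2'
    description: 'Today we`re continuing our series on hacking apart the OWASP Juice Shop which is "an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws."'
    price: 1.99
    image: hqdefault.jpg
  - name: '7MS #232: Pentesting OWASP Juice Shop - Part 3'
    description: 'Today is part <strong>three</strong> of our continuing series on attacking the OWASP Juice Shop which is "an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws."'
    price: 1.99
    image: hqdefault.jpg
  - name: '7MS #233: Pentesting OWASP Juice Shop - Part 4'
    description: 'Today is part <strong>FOUR</strong> of our continuing series on attacking the OWASP Juice Shop which is "an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws."'
    price: 1.99
    image: hqdefault.jpg
  - name: '7MS #234: Pentesting OWASP Juice Shop - Part 5'
    # The anchor in this description uses target="_blank" without a rel
    # attribute. NOTE(review): confirm how the application renders and
    # sanitizes description HTML before relying on it.
    description: 'Today is part <strong>FIVE</strong> (insert menacing voice: "<em>the final chapter!!!</em>) of our series on attacking the <a href="https://www.owasp.org/index.php/OWASP_Juice_Shop_Project" target="_blank">OWASP Juice Shop</a> which is "an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws."'
    price: 1.99
    image: hqdefault.jpg
  - name: '7MS #606: Hacking OWASP Juice Shop (2024 edition)'
    description: "Join OWASP's Bjorn Kimminich and Paul Wilch from Project7 as we hack away at what is probably the most modern and sophisticated insecure Web application ever made: Juice Shop!"
    price: 1.99
    image: hqdefault.jpg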
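# Photo-wall entries.
# NOTE(review): key nesting was reconstructed from a listing without
# indentation; verify it against the application's default configuration.
#
# The geoStalking* keys pair a security-question id with its expected
# answer in clear text, so anyone who can read this file holds the answer
# key for those challenges. Keep read access limited to instructors. The
# ids (14 and 10) refer to a question list that is not part of this file.
memories:
  - image: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/1587695798282-PYCQEJEVJS1OF5FJY07A/pw.JPG?format=750w'
    caption: 'There goes our ISO 27001 cert... "Thanks", Chris! :-('
    user: ciso
  - image: 'https://images.squarespace-cdn.com/content/v1/59f9e1c4d0e6281017434039/1569207865247-XHRW3XQ0XVKNEG46L579/usergroup.jpg?format=2500w'
    caption: 'Last meeting of our user group pre-covid...'
    user: stan
  # The two entries below use bare file names rather than URLs and set no
  # user key; presumably the images ship with the application — confirm.
  - image: 'favorite-hiking-place.png'
    caption: 'I love going hiking here...'
    geoStalkingMetaSecurityQuestion: 14
    geoStalkingMetaSecurityAnswer: 'Daniel Boone National Forest'
  - image: 'IMG_4253.jpg'
    caption: 'My old workplace...'
    geoStalkingVisualSecurityQuestion: 10
    geoStalkingVisualSecurityAnswer: 'ITsec'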