Report

Comprehensive Security Assessment

OWASP Juice Shop


Executive Summary

This report documents a penetration testing engagement performed on OWASP Juice Shop, a simulated e-commerce application. We selected this platform as it represents a modern web application architecture containing common vulnerabilities found in real-world enterprise systems. The objective was to identify vulnerabilities using the STRIDE threat model and demonstrate the impact of these flaws.
We successfully identified 8 vulnerabilities, ranging from SQL Injection to Sensitive Data Exposure. This assessment highlights the risks facing the organisation and provides actionable mitigation strategies to fortify the security posture.
Disclaimer: This project was conducted in a controlled, isolated environment for educational purposes only.

Threat Analysis

A comprehensive threat analysis was performed to understand the potential risks targeting the OWASP Juice Shop application. This analysis focuses on identifying how attackers may exploit weaknesses, what assets are at risk, and how each vulnerability aligns with established threat modelling standards.

STRIDE Framework

We used the STRIDE framework to categorise and evaluate threats, ensuring a structured approach to identifying potential security flaws across the application's architecture.

Bowtie Diagram

To clearly illustrate the relationship between threats, causes, impacts and security controls, we developed a Bowtie Diagram to visualise how an attacker could compromise the administrator account.

STRIDE Threat Model

Below is an overview of threats identified using the STRIDE methodology:

| Threat | Category | Description | Juice Shop Example |
|--------|----------|-------------|--------------------|
| S | Spoofing | Impersonating a legitimate user or service. | Login Admin Bypass |
| T | Tampering | Unauthorised modification of data. | Manipulating API requests |
| R | Repudiation | Denying an action took place (no logging). | Missing logs on actions |
| I | Information Disclosure | Exposure of sensitive information. | Sensitive Data Exposure |
| D | Denial of Service | Disrupting service availability. | Brute Force / FTP overload |
| E | Elevation of Privilege | Gaining unauthorized higher access. | Admin route access |

Bowtie Risk Diagram

Scenario: Administrator Account Compromise

Threats (Causes)
  • SQL Injection Login Bypass
  • Weak Admin Password
  • Broken Access Control
  • Insecure API Endpoints
  • Insufficient Input Validation
Top Event
Administrator Account Compromise
Consequences
  • Full system takeover
  • Leakage of customer data
  • Tampering with orders
  • Privilege escalation
  • Website defacement
Preventive Controls
  • Parameterized SQL queries
  • Strong password enforcement
  • Role-based access control (RBAC)
  • Input sanitisation
Mitigative Controls
  • Logging and monitoring
  • Incident response plan
  • Forced logout after alerts
  • Backup & recovery procedures
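
The first preventive control in the bowtie, parameterized SQL queries, set against the first listed threat, SQL injection login bypass. This is an added example, not code from the report or from Juice Shop; the table, credentials, function names and crafted input are all constructed for illustration.

```python
import hashlib
import sqlite3

# Fixed salt only to keep the demo short; use a per-user salt in practice.
DEMO_SALT = b"constructed-demo-salt"
ADMIN = ("admin@example.test", "constructed-admin-password")  # constructed account

def pw_hash(password: str) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), DEMO_SALT, 100_000).hex()

def make_db() -> sqlite3.Connection:
    """Constructed in-memory table with one admin row (not Juice Shop's schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, pw_hash TEXT, role TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?, ?)", (ADMIN[0], pw_hash(ADMIN[1]), "admin"))
    return db

def login_concatenated(db, email, password):
    """'Before' form: user input becomes part of the SQL text itself."""
    sql = ("SELECT email, role FROM users WHERE email = '" + email +
           "' AND pw_hash = '" + pw_hash(password) + "'")
    return db.execute(sql).fetchone()

def login_parameterized(db, email, password):
    """Hardened form: the SQL text is constant and inputs are bound as values."""
    sql = "SELECT email, role FROM users WHERE email = ? AND pw_hash = ?"
    return db.execute(sql, (email, pw_hash(password))).fetchone()

# Constructed input containing SQL metacharacters (a quote and a comment marker).
CRAFTED_EMAIL = "' OR 1=1 --"

def compare():
    """Run both login forms against valid and crafted input; return the rows found."""
    db = make_db()
    return {
        "concat_valid": login_concatenated(db, *ADMIN),
        "concat_crafted": login_concatenated(db, CRAFTED_EMAIL, "anything"),
        "param_valid": login_parameterized(db, *ADMIN),
        "param_crafted": login_parameterized(db, CRAFTED_EMAIL, "anything"),
        "param_wrong_pw": login_parameterized(db, ADMIN[0], "wrong-password"),
    }

if __name__ == "__main__":
    for name, row in compare().items():
        print(f"{name:15} -> {row}")
```

With concatenation the crafted email rewrites the WHERE clause and the admin row comes back without the password; with bound parameters the same string is compared as a literal email and matches nothing.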

Conclusion

Our assessment highlights significant weaknesses across authentication, input validation, access control and data handling. Addressing these issues—through parameterised queries, strong credentials, proper authorisation checks and secure configuration—will greatly reduce the attack surface of the application. Continuous monitoring and periodic security reviews are recommended to maintain a robust security posture.