King Abdulaziz University • CYB 237

Team & Supervision

This security assessment was conducted as the final capstone project. The objective was to perform a complete ethical hacking engagement on the OWASP Juice Shop platform to identify vulnerabilities and propose mitigation strategies.

Project Duration

Academic Year 2025

Testing Platform

OWASP Juice Shop

Methodology

STRIDE Threat Model

Vulnerabilities Found

8 Critical Issues

Project Supervisor
Dr. Ahmed Al‑Mutairi
Team Leader
Mohammed Ghabban
Team Member
Mansour Abdullah
Team Member
Mohammed Bawazeer
Team Member
Mohammed Fawzi
Team Member
Maher Jameel
Team Member
Faisal Fattah

Project Objectives

01

Identify Vulnerabilities

Conduct comprehensive security testing to discover critical vulnerabilities in the OWASP Juice Shop application.

02

Apply STRIDE Model

Utilize the STRIDE threat modeling framework to categorize and analyze identified security threats.

03

Document Exploits

Create detailed documentation and proof-of-concept demonstrations for each discovered vulnerability.

04

Propose Mitigations

Develop actionable security recommendations and mitigation strategies for identified vulnerabilities.

Acknowledgments

We would like to thank Dr. Ahmed Al-Mutairi for his clear explanation of the Cyber Threats course CYB-237 and for helping us understand its content. His way of teaching made the topics easier to grasp and supported us in completing our work.