https://github.com/stephensouth13/pentest-lab-case-study
Local Docker pentest lab + PoC & report — Juice Shop, DVWA, vulnerable API.
- Host: GitHub
- URL: https://github.com/stephensouth13/pentest-lab-case-study
- Owner: StephenSouth13
- License: other
- Created: 2025-09-14T22:23:06.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-09-14T22:52:13.000Z (10 months ago)
- Last Synced: 2025-09-15T00:26:38.191Z (10 months ago)
- Topics: bash, hacker, shell
- Language: Shell
- Homepage:
- Size: 2.93 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: License
README
# 🛡️ Pentest Lab & Case Study
A reproducible local pentest lab built with Docker (OWASP Juice Shop, DVWA, vulnerable API).
Includes automated scans, proofs of concept (PoCs) for the OWASP Top 10, and professional reporting templates.
---
## 📌 Features
- 🔧 **Easy setup**: Docker-based (Juice Shop, DVWA, vulnerable API)
- 🔍 **Automated scanning**: `scan.sh` with nmap, nikto, gobuster
- 💥 **PoC exploits**: SQLi, XSS, IDOR, Weak Auth
- 📑 **Reporting templates**:
  - `REPORT.md` (technical details)
  - `EXECUTIVE_SUMMARY.md` (non-technical summary for managers)
- 🎯 **Learning workflow**: Recon → Scan → Exploit → Report
---
## 🚀 Quick Start
```bash
# 1. Clone repo
git clone https://github.com/YOUR-USERNAME/pentest-lab-case-study.git
cd pentest-lab-case-study
# 2. Start vulnerable targets
docker-compose up -d
# 3. Run automated scans
chmod +x scan.sh
./scan.sh
# 4. Document findings
vim REPORT.md
```

Targets will be available:

- Juice Shop → http://localhost:3000
- DVWA → http://localhost:4200
- Vulnerable API → http://localhost:5000