An open API service indexing awesome lists of open source software.

https://github.com/stephensouth13/pentest-lab-case-study

Local Docker pentest lab + PoC & report — Juice Shop, DVWA, vulnerable API.
https://github.com/stephensouth13/pentest-lab-case-study

bash hacker shell

Last synced: about 1 month ago
JSON representation

Local Docker pentest lab + PoC & report — Juice Shop, DVWA, vulnerable API.

Awesome Lists containing this project

README

          

# 🛡️ Pentest Lab & Case Study

A reproducible local pentest lab built with Docker (OWASP Juice Shop, DVWA, vulnerable API).
Includes automated scans, proof-of-concepts (PoC) for OWASP Top 10, and professional reporting templates.

---

## 📌 Features
- 🔧 **Easy setup**: Docker-based (Juice Shop, DVWA, vulnerable API)
- 🔍 **Automated scanning**: `scan.sh` with nmap, nikto, gobuster
- 💥 **PoC exploits**: SQLi, XSS, IDOR, Weak Auth
- 📑 **Reporting templates**:
- `REPORT.md` (technical details)
- `EXECUTIVE_SUMMARY.md` (non-technical summary for managers)
- 🎯 **Learning workflow**: Recon → Scan → Exploit → Report

---

## 🚀 Quick Start
```bash
# 1. Clone repo
git clone https://github.com/YOUR-USERNAME/pentest-lab-case-study.git
cd pentest-lab-case-study

# 2. Start vulnerable targets
docker-compose up -d

# 3. Run automated scans
chmod +x scan.sh
./scan.sh

# 4. Document findings
vim REPORT.md
Targets will be available:

Juice Shop → http://localhost:3000

DVWA → http://localhost:4200

Vulnerable API → http://localhost:5000