Security TestingWeb UIAdvanced30-45 min

OWASP Juice Shop - Broken access control and input security

Scenario

You are using an intentionally vulnerable training app. Explore security risks in an educational, responsible way: authentication, authorization, input handling, account data exposure, error handling, and sensitive data protection.

Lab workspace

OWASP Juice Shop

Intentionally vulnerable security training app

Open the third-party practice site in a new tab, test the target flow there, then return here to organize your notes and submit your answer. We do not embed external sites.

1Open the external practice site
2Explore the target flow
3Write your testing notes
4Submit answer and compare with senior QA feedback

Focus areas

Input validationAccess controlAuthentication risksSensitive data exposureError handling

Suggested timebox: 30-45 min

Testing notes

Use this while exploring the external site. These notes are saved locally in your browser.

What would you test?

When you are ready, summarize what you would test below.