weichertlabs.com

WeichertLabs

weichertlabs.comGuidesCyberSecurityJuice Shop with Docker (Windows 11)

Juice Shop with Docker (Windows 11)

Setting up OWASP Juice Shop in Docker is a quick and efficient way to create a vulnerable web application for pentesting practice. In this guide, you’ll learn how to install Docker Desktop on Windows 11 and launch Juice Shop locally.
This will serve as the main target for your pentesting environment — perfect for use with tools like Nmap, Nikto, ffuf, and AI analysis with Ollama.

We’ll walk through:

  • Installing Docker Desktop with WSL2 integration
  • Running Juice Shop in a container
  • Accessing it from your browser and WSL2 (Kali)

Once complete, you’ll have a working target to scan, exploit, and analyze — all hosted locally.

operating systems Guides

Please note: All guides and scripts are provided for educational purposes. Always review and understand any code before running it – especially with administrative privileges. Your system, your responsibility.

Use at your own risk: While every effort is made to ensure accuracy, I cannot take responsibility for issues caused by applying tutorials or scripts. Test in a safe environment before using in production.

Step 1 – Install Docker Desktop

  1. Go to: https://www.docker.com/products/docker-desktop/
  2. Download Docker Desktop for Windows and install it.
  3. During installation, make sure to:
    • Enable WSL2 backend
    • Allow integration with your WSL2 distributions (e.g., Kali)
  4. After installation, launch Docker Desktop and verify it’s running.

Screenshots

Step 2 – Verify Docker Works

Open PowerShell or your terminal and run:

docker version

You should see client and server versions listed.
If you’re using WSL2 (e.g., Kali), test from there too:

docker --version

If it doesn’t work inside WSL2, make sure integration is enabled in Docker Desktop settings under “Resources → WSL Integration”.

Screenshots

Step 3 – Download and Run OWASP Juice Shop

You can run Juice Shop using Docker with a single command:

docker run --rm -d -p 3000:3000 bkimminich/juice-shop
  • -rm: Automatically clean up container on stop
  • d: Detached mode (runs in background)
  • p 3000:3000: Maps container port 3000 to host

Screenshots

Step 4 – Access Juice Shop in Browser

Open a browser and go to:

http://localhost:3000

You should see the OWASP Juice Shop interface.

✅ This address will also work inside WSL2 (e.g., using curl http://localhost:3000).

Screenshots

Step 5 – Check the Container

To verify the container is running:

docker ps

To stop it (optional):

docker stop <container_id>

Or simply close Docker Desktop if running with –rm.

Screenshots

Juice Shop with Docker (Windows 11) (Video Demo)

In this video, we install Docker Desktop on Windows 11 and launch OWASP Juice Shop — a deliberately insecure web app perfect for learning web application security and penetration testing.