HW12: XSS, etc. due Tue 18 Apr 13:20


In this assignment you will solve the two available XSS challenges in the Juice Shop (easy!): “DOM XSS” and “Bonus Payload”. You'll also solve a broken authentication exercise called “Password Strength”.


In CherryTree, use the document named juice_shop.ctb that you used in the earlier assignments and add a top-level node named Two-Star Challenges. Create appropriately named subnodes to hold evidence of your exploits in each of the exercises mentioned above.

On your Kali machine you need to run the Juice Shop server, Burp Suite, and Firefox. Once the Juice Shop server is running, you can connect to it from Firefox.

Be sure to document your progress on these and include for each a screenshot of the Score Board showing your success.

Turn In Your Work

Turn in your work by uploading your completed CherryTree document to this assignment in Canvas.