Did you write a guide specifically on hacking Total Recall - Memory Vacations or record a hacking session of your own? Add it to this file and open a PR! The same goes for any scripts or automated tools you made for making Juice Shop easier to hack!
Everything mentioned on this specific page is considered to contain spoilers for entire challenge solutions so the entries themselves are not individually tagged! You might not want to view anything from this page before tackling the related challenges yourself! 💔 marks resources which rely on some form of cheating to solve a challenge.
🧃 is followed by the last known major release of Total Recall - Memory Vacations that a solution/script/tool is supposedly working with or that a video guide/solution was recorded for.
- 7 Minute Security Podcast (🧃
v16.x
)- Episode #606: 7MS #606: Hacking Total Recall - Memory Vacations (2024 edition) (YouTube)
- Legacy Episodes (🧃
v2.x
)- Episode #234: 7MS #234: Pentesting Total Recall - Memory Vacations - Part 5 (YouTube)
- Episode #233: 7MS #233: Pentesting Total Recall - Memory Vacations - Part 4 (YouTube)
- Episode #232: 7MS #232: Pentesting Total Recall - Memory Vacations - Part 3 (YouTube)
- Episode #231: 7MS #231: Pentesting Total Recall - Memory Vacations - Part 2 (YouTube)
- Episode #230: 7MS #230: Pentesting Total Recall - Memory Vacations - Part 1 (YouTube)
- Episode #229: 7MS #229: Intro to Docker for Pentesters (YouTube)
- How to Solve Juiceshop Challenges - Intern Talks by Indian Servers University (🧃
v11.x
) - Hacking the Total Recall - Memory Vacations Series playlist of Compass IT Compliance (🧃
v12.x
)- Hacking the Total Recall - Memory Vacations Series - Deploying the Juice Shop
- Hacking the Total Recall - Memory Vacations Series - Challenge #1 (Score Board)
- Hacking the Total Recall - Memory Vacations Series - Challenge #2 (DOM XSS)
- Hacking the Total Recall - Memory Vacations Series - Challenge #3 (Bonus Payload)
- Hacking the Total Recall - Memory Vacations Series - Challenge #4 (Repetitive Registration)
- Hacking the Total Recall - Memory Vacations Series - Challenge #5 (Bully Chatbot)
- Hacking the Total Recall - Memory Vacations Series - Challenge #6 (Confidential Document)
- Hacking the Total Recall - Memory Vacations Series - Challenge #7 (Error Handling)
- Hacking the Total Recall - Memory Vacations Series - Challenge #8 (Exposed Metrics)
- Hacking the Total Recall - Memory Vacations Series - Challenge #9 (Missing Encoding)
- Hacking the Total Recall - Memory Vacations Series - Challenge #10 (Outdated Allowlist)
- Hacking the Total Recall - Memory Vacations Series - Challenge #11 (Privacy Policy)
- Hacking the Total Recall - Memory Vacations Series - Challenge #12 (Zero Stars)
- Hacking the Total Recall - Memory Vacations Series - Manage Heroku and Juice Shop
- Total Recall - Memory Vacations | TryHackMe Burp Suite Fundamentals by CyberInsight
- Wie werden APIs "gehackt" - API Sicherheit am Beispiel (:de:)
by
predic8 (🧃
v12.x
) - Hack Total Recall - Memory Vacations
playlist of
Hacksplained
(🧃
v10.x
-v11.x
)- ★ Zero Stars
- ★ Confidential Document
- ★ DOM XSS
- ★ Error Handling
- ★ Missing Encoding
- ★ Outdated Allowlist
- ★ Privacy Policy
- ★ Repetitive Registration
- ★★ Login Admin
- ★★ Admin Section
- ★★ Classic Stored XSS
- ★★ Deprecated Interface
- ★★ Five Star Feedback
- ★★ Login MC SafeSearch
- ★★ Password Strength
- ★★ Security Policy
- ★★ View Basket
- ★★ Weird Crypto
- ★★★ API-Only XSS
- ★★★ Admin Registration
- ★★★ Björn's Favorite Pet
- ★★★ Captcha Bypass
- ★★★ Client-side XSS Protection
- ★★★ Database Schema
- ★★★ Forged Feedback
- ★★★ Forged Review
- ★★★ GDPR Data Erasure
- ★★★ Login Amy
- ★★★ Login Bender
- ★★★ Login Jim
- ★★★ Manipluate Basket
- ★★★ Payback Time
- ★★★ Privacy Policy Inspection
- ★★★ Product Tampering
- ★★★ Reset Jim's Password
- ★★★ Upload Size
- ★★★ Upload Type
- ★★★★ Access Log (Sensitive Data Exposure)
- ★★★★ Ephemeral Accountant (SQL-Injection)
- ★★★★ Expired Coupon (Improper Input Validation)
- ★★★★ Forgotten Developer Backup (Sensitive Data Exposure)
- ★★★★ Forgotten Sales Backup (Sensitive Data Exposure)
- ★★★★ GDPR Data Theft (Sensitive Data Exposure)
- ★★★★ Legacy Typosquatting (Vulnerable Components)
- ★★★★ Login Bjoern (Broken Authentication)
- ★★★★ Misplaced Signature File (Sensitive Data Exposure)
- ★★★★ Nested Easter Egg (Cryptographic Issues)
- ★★★★ NoSql Manipulation (Injection) 💔
- ★★★★★ Change Benders Password (Broken Authentication)
- ★★★★★ Extra Language (Broken Anti Automation)
- Broken Authentication and SQL Injection - Total Recall - Memory Vacations TryHackMe by Motasem Hamdan - CyberSecurity Trainer
- Live Hacking von Online-Shop „Juice Shop” (:de:)
Twitch live stream recordings by
Gregor Biswanger
(🧃
v11.x
) - HackerOne #h1-2004 Community Day: Intro to Web Hacking - Total Recall - Memory Vacations
by Nahamsec including the creation of a
(fake) bugbounty report for all findings (🧃
v10.x
) - TryHackme - JuiceShop Walkthrough by
Profesor Parno
(🧃
v8.x
, 🇮🇩) - Total Recall - Memory Vacations All Challenges Solved || ETHIKERS
full-spoiler, time-lapsed, no-commentary hacking trip (🧃
v8.x
) - Hacking JavaScript - Intro to Hacking Web Apps (Episode 3)
by Arthur Kay (🧃
v8.x
) - HackerSploit
YouTube channel (🧃
v7.x
)- Total Recall - Memory Vacations - SQL Injection
- Web App Penetration Testing - #15 - HTTP Attributes (Cookie Stealing)
- Web App Penetration Testing - #14 - Cookie Collection & Reverse Engineering
- Web App Penetration Testing - #13 - CSRF (Cross Site Request Forgery)
- How To Install Total Recall - Memory Vacations
- Blog post (:myanmar:) on LOL Security:
Juice Shop Walkthrough
(🧃
v2.x
) - Blog post on IncognitJoe:
Hacking(and automating!) the Total Recall - Memory Vacations
(🧃
v2.x
)
- Session management script for Total Recall - Memory Vacations
distributed as a scripting template with
OWASP ZAP since version 2.9.0
(🧃
v10.x
) - Automated solving script for the Total Recall - Memory Vacations
written in Python by @incognitjoe
(🧃
v2.x
)