Merge branch 'develop'

.appveyor.yml

@@ -11,10 +11,10 @@ skip_commits:
     - LICENSE
     - README.md
 environment:
-  nodejs_version: 18
+  # nodejs_version: 18
   ruby_version: 32
 install:
-  - ps: 'Install-Product node $env:nodejs_version'
+  # - ps: 'Install-Product node $env:nodejs_version'
   - 'mkdir C:\Users\appveyor\AppData\Roaming\npm'
   - 'node --version && npm --version'
   - 'npx antora -v'

docs/antora.yml

@@ -1,6 +1,6 @@
 name: companion-guide
 title: "Pwning OWASP Juice Shop"
-version: 'latest'
+version: 'snapshot'
 asciidoc:
   attributes:
     page-lang: en@

docs/modules/ROOT/book.adoc

@@ -123,6 +123,8 @@ include::pages/part4/customization.adoc[Customization]
 
 include::pages/part4/ctf.adoc[Hosting a CTF event]
 
+include::pages/part4/multi-juicer.adoc[Hosting platform for multiple users]
+
 include::pages/part4/trainers.adoc[Trainer's guide]
 
 include::pages/part4/integration.adoc[Integration]

docs/modules/ROOT/nav.adoc

@@ -47,6 +47,7 @@
 ** xref:part4/troubleshooting.adoc[Troubleshooting]
 ** xref:part4/customization.adoc[Customization]
 ** xref:part4/ctf.adoc[Hosting a CTF event]
+** xref:part4/multi-juicer.adoc[Hosting platform for multiple users]
 ** xref:part4/trainers.adoc[Trainer's guide]
 ** xref:part4/integration.adoc[Integration]
 ** xref:part4/monitoring.adoc[Monitoring]

docs/modules/ROOT/pages/attributes.adoc

@@ -1,8 +1,9 @@
 :ctfdVersion: 3.6 or higher
 :is_ctf: 0
 :rtbVersion: 3.3 or higher
-:juiceShopVersion: v15.1.0
+:juiceShopVersion: v15.2.0-SNAPSHOT
 :juiceShopCtfVersion: v10.0.0
+:multiJuicerVersion: v6.1.0
 :juiceShopNumberOfChallenges: 106
 :nodeVersions: 16.x, 18.x and 20.x (but smaller 20.6.0)
 :recommendedNodeVersion: 18.x

docs/modules/ROOT/pages/part1/challenges.adoc

@@ -89,6 +89,7 @@ newcomers
 endif::[]
 * *Code Analysis* marks challenges where it can be helpful to rummage
 through some source code of the application or that of a third party
+* *Internet Traffic* marks challenges strictly depending on the server being able to connect with the Internet via e.g. WebSocket or JSON-RPC
 
 image::part1/tags.png[Tag breakdown]
 

docs/modules/ROOT/pages/part4/multi-juicer.adoc

@@ -0,0 +1,46 @@
+= Hosting platform for multiple users[[_multi_juicer]]
+include::../attributes.adoc[]
+
+image::appendix/multi-juicer_cover.svg[MultiJuicer cover]
+
+A solution to host and manage individual Juice Shop instances for
+multiple users is
+https://github.com/iteratec/multi-juicer/[MultiJuicer]. MultiJuicer is
+a Kubernetes based system to start up the required Juice Shop instances
+on demand. It will also clean up unused instances after a configured
+period of inactivity.
+
+MultiJuicer {multiJuicerVersion} comes with a custom-built load balancer. It allows every
+participant (or a CTF team) to use the same URL, but their traffic will
+always be sent to their own personal (or team-specific) instance.
+
+image::appendix/multi-juicer_high-level-architecture.png[MultiJuicer high level architecture]
+
+Registration at MultiJuicer is very straightforward for the users/teams.
+Messing with other instances is prevented by assigning a passcode to
+each of them which should only be shared among team members - or not at
+all for individuals.
+
+image::appendix/multi-juicer_register.png[MultiJuicer registration]
+
+MultiJuicer comes with a rudimentary Score Board of its own, which allows teams to compare their progress through
+the Juice Shop challenges.
+
+image::appendix/multi-juicer_scoreboard.png[MultiJuicer score board]
+
+Another helpful feature for trainers and CTf-organizers is the https://github.com/juice-shop/multi-juicer/blob/main/guides/monitoring-setup/monitoring.md[optional
+dashboard which automatically consumes and displays metrics] from each of
+its Juice Shop instances. It shows individual challenge progress along with other
+functional and technical stats and can be very helpful in
+troubleshooting as well.
+
+image:appendix/multi-juicer_dashboard.png[MultiJuicer dashboard with technical metrics]
+image:appendix/multi-juicer_dashboard1.png[MultiJuicer dashboard with business metrics]
+
+The MultiJuicer repository offers guidance on how to set up the system on different cloud provider platforms:
+
+* https://github.com/juice-shop/multi-juicer/tree/main/guides/aws[AWS]
+* https://github.com/juice-shop/multi-juicer/tree/main/guides/azure[Azure]
+* https://github.com/juice-shop/multi-juicer/tree/main/guides/digital-ocean[Digital Ocean]
+* https://github.com/juice-shop/multi-juicer/tree/main/guides/k8s[Kubernetes]
+* https://github.com/juice-shop/multi-juicer/tree/main/guides/openshift[Openshift]

docs/modules/ROOT/pages/part4/trainers.adoc

@@ -44,7 +44,7 @@ that coupon codes were actually tweeted by your customer's company.
 
 == Classroom hints
 
-In a class room setup you have to find a way to distribute the URL of
+In a classroom setup you have to find a way to distribute the URL of
 each instance to the participants. For small groups, it is probably fine
 to just spin up a number of containers and tell all participants which
 URL they have to use. An example to spin up 10 Docker containers on a
@@ -64,43 +64,7 @@ want to encourage the students to hack very competitively.
 
 image::appendix/multi-juicer_cover.svg[MultiJuicer cover]
 
-A solution to host and manage individual Juice Shop instances for
-multiple users is
-https://github.com/iteratec/multi-juicer/[MultiJuicer]. MultiJuicer is
-a Kubernetes based system to start up the required Juice Shop instances
-on demand. It will also clean up unused instances after a configured
-period of inactivity.
-
-MultiJuicer comes with a custom-built load balancer. It allows every
-participant (or a CTF team) to use the same URL, but their traffic will
-always be sent to their own personal instance.
-
-image::appendix/multi-juicer_high-level-architecture.png[MultiJuicer high level architecture]
-
-Registration at MultiJuicer is very straightforward for the users/teams.
-Messing with other instances is prevented by assigning a passcode to
-each of them which should only be shared among team members - or not at
-all for individuals.
-
-image::appendix/multi-juicer_register.png[MultiJuicer registration]
-
-MultiJuicer comes with a rudimentary Score Board of its own, which allows teams to compare their progress through
-the Juice Shop challenges.
-
-image::appendix/multi-juicer_scoreboard.png[MultiJuicer score board]
-
-Another helpful feature for the trainer MultiJuicer is the https://github.com/iteratec/multi-juicer/blob/master/guides/monitoring-setup/monitoring.adoc[optional
-dashboard which automatically consumes and displays metrics] from each of
-its Juice Shop instances. It shows individual challenge progress along with other
-functional and technical stats and can be very helpful in
-troubleshooting as well.
-
-image:appendix/multi-juicer_dashboard.png[MultiJuicer dashboard with technical metrics]
-image:appendix/multi-juicer_dashboard1.png[MultiJuicer dashboard with business metrics]
-
-The MultiJuicer repository offers guidance on https://github.com/iteratec/multi-juicer#installation-guides-for-specific-cloud-providers[how to set up the
-system on different cloud provider platforms],
-such as Digital Ocean, OpenShift, AWS or Azure.
+For a more sophisticated way to host and manage multiple Juice Shop instances we recommend https://github.com/iteratec/multi-juicer/[MultiJuicer]. Learn all about this official platform of Juice Shop xref:part4/multi-juicer.adoc[in this dedicated chapter].
 
 == Existing trainings