diff --git a/ webgoat/main/eclipse.bat b/ webgoat/main/eclipse.bat
index cd99fe252..9b88a5313 100644
--- a/ webgoat/main/eclipse.bat	
+++ b/ webgoat/main/eclipse.bat	
@@ -1,5 +1,7 @@
-set JAVAHOME=.\java
+set JAVAHOME= C:\Program Files\Java\jdk1.5.0_08
 set PATH=%JAVAHOME%\bin;%PATH%
-set ECLIPSE_HOME=.\eclipse
+set ECLIPSE_HOME= C:\webgoat\tools\eclipse
+SET JAVA_OPTS=%JAVA_OPTS% -Xms128m -Xmx768m
+
+%ECLIPSE_HOME%\eclipse.exe -data .\workspace
 
-%ECLIPSE_HOME%\eclipse.exe -data .\workspace
\ No newline at end of file
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java
index 3365d5b90..301b6da0d 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java	
@@ -104,6 +104,8 @@ public abstract class AbstractLesson extends Screen implements Comparable
 	 */
 	public final static Category WEB_SERVICES = new Category( "Web Services", new Integer( 1110 ) );
 	
+	public final static Category AJAX_SECURITY = new Category( "AJAX Security", new Integer( 1150 ) );
+	
 	public final static Category NEW_LESSON = new Category ( "New Lessons" , new Integer ( 1210 ) );
 
 	public final static Category ADMIN_FUNCTIONS = new Category( "Admin Functions", new Integer( 10 ) );
@@ -162,6 +164,7 @@ public abstract class AbstractLesson extends Screen implements Comparable
 		categories.add(A9);
 		categories.add(A10);
 		categories.add(WEB_SERVICES);
+		categories.add(AJAX_SECURITY);
 		categories.add(NEW_LESSON);
 		categories.add(ADMIN_FUNCTIONS);
 		categories.add(GENERAL);
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java
new file mode 100644
index 000000000..ab89ef7e9
--- /dev/null
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java	
@@ -0,0 +1,163 @@
+package org.owasp.webgoat.lessons;
+
+import java.io.PrintWriter;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.ecs.Element;
+import org.apache.ecs.ElementContainer;
+import org.apache.ecs.StringElement;
+import org.apache.ecs.html.BR;
+import org.apache.ecs.html.Form;
+import org.apache.ecs.html.H1;
+import org.apache.ecs.html.Input;
+import org.apache.ecs.html.TD;
+import org.apache.ecs.html.TR;
+import org.apache.ecs.html.Table;
+import org.apache.ecs.html.Button;
+import org.owasp.webgoat.session.ECSFactory;
+import org.owasp.webgoat.session.WebSession;
+
+public class DOMInjection extends LessonAdapter {
+
+	private final static Integer DEFAULT_RANKING = new Integer(10);
+	private final static String KEY = "key";
+	/*public void handleRequest( WebSession s )
+	{
+		//Setting a special action to be able to submit to redirect.jsp
+		Form form = new Form( "/WebGoat/lessons/AJAXSecurity/DOMInjection.jsp?" +
+				        "Screen=" + String.valueOf(getScreenId()) +
+				        "&menu=" + getDefaultCategory().getRanking().toString()
+				        , Form.POST ).setName( "form" ).setEncType( "" );
+
+		form.addElement( createContent( s ) );
+
+        setContent(form);
+	}*/
+	
+	protected Element createContent(WebSession s) {
+		
+		String key = "K1JFWP8BSO8HI52LNPQS8F5L01N";
+		ElementContainer ec = new ElementContainer();
+
+		try
+		{
+			String userKey = s.getParser().getRawParameter(KEY, "");
+			String fromAJAX = s.getParser().getRawParameter("from" , "");
+			if (fromAJAX.equalsIgnoreCase("ajax") && userKey.length()!= 0 && userKey.equals(key))
+			{
+				s.getResponse().setContentType("text/html");
+				s.getResponse().setHeader("Cache-Control", "no-cache");
+				PrintWriter out = new PrintWriter(s.getResponse().getOutputStream());
+				out.print("document.forms[0].SUBMIT.disabled = false;");	
+				out.flush();
+				out.close();
+				return ec;
+			}
+			if (s.getRequest().getMethod().equalsIgnoreCase("POST"))
+			{
+				makeSuccess(s);
+			}
+		}
+		catch(Exception e)
+		{
+			s.setMessage( "Error generating " + this.getClass().getName() );
+			e.printStackTrace();				
+		}
+		
+		String lineSep = System.getProperty("line.separator");
+		String script  =  "<script>" + lineSep +
+			"function validate() {" + lineSep +
+			"alert('we are here');" + lineSep +
+			"var keyField = document.getElementById('key');" + lineSep +
+			"var url = '/WebGoat/attack?Screen=" + String.valueOf(getScreenId()) +
+			"&menu=" + getDefaultCategory().getRanking().toString() +
+			"&from=ajax&key=' + encodeURIComponent(keyField.value);" + lineSep +	        
+			"if (typeof XMLHttpRequest != 'undefined') {" + lineSep +
+			"req = new XMLHttpRequest();" + lineSep +
+			"} else if (window.ActiveXObject) {" + lineSep +
+			"req = new ActiveXObject('Microsoft.XMLHTTP');" + lineSep +
+			"   }" + lineSep +
+			"   req.open('GET', url, true);" + lineSep +
+			"   req.onreadystatechange = callback;" + lineSep +
+			"   req.send(null);" + lineSep +
+			"}" + lineSep +
+			"function callback() {" + lineSep +
+			"    if (req.readyState == 4) { " + lineSep +
+			"        if (req.status == 200) { " + lineSep +
+			"            var message = req.responseText;" + lineSep +
+			"			 eval(message);" + lineSep +	
+			"        }}}" + lineSep +
+			"</script>" + lineSep;
+		
+		ec.addElement( new StringElement(script));
+		ec.addElement( new BR().addElement (new H1().addElement( "Welcome to WebGoat Registration Page:")));
+		ec.addElement( new BR().addElement ("Please enter the license key that was emailed to you to start using the application."));
+		ec.addElement( new BR());
+		ec.addElement( new BR());
+		Table t1 = new Table().setCellSpacing(0).setCellPadding(0).setBorder(0).setWidth("70%").setAlign("center");
+		
+		TR tr = new TR();			
+		tr.addElement( new TD( new StringElement( "License Key: " ) ));		
+		
+		Input input1 = new Input( Input.TEXT, KEY , "" );
+		input1.addAttribute("onkeyup", "validate();");
+		tr.addElement( new TD( input1 ) );
+		t1.addElement( tr );
+
+		tr = new TR();
+		tr.addElement( new TD( "&nbsp;" ).setColSpan(2));
+		
+		t1.addElement( tr );
+		
+		tr = new TR();
+		Input b = new Input();
+		b.setType( Input.SUBMIT );
+		b.setValue( "Activate!" );
+		b.setName("SUBMIT");
+		b.setDisabled(true);
+		tr.addElement(new TD( "&nbsp;" ));
+		tr.addElement( new TD( b ) );
+		
+		t1.addElement(tr);
+		ec.addElement( t1 );		
+		
+		
+		return ec ;
+	}
+
+	@Override
+	public Element getCredits() {
+
+		return new StringElement("This screen created by: Sherif Koussa");
+	}
+
+	@Override
+	protected Category getDefaultCategory() {
+		
+		return AJAX_SECURITY;
+	}
+
+	@Override
+	protected Integer getDefaultRanking() {
+		
+		return DEFAULT_RANKING;
+	}
+
+	@Override
+	protected List getHints() {
+		
+		List<String> hints = new ArrayList<String>();
+		hints.add( "This page is using XMLHTTP to comunicate with the server." );
+		hints.add( "Try to find a way to inject the DOM to enable the Activate button." );
+		hints.add( "Intercept the reply and add document.forms[0].SUBMIT.disabled = false;" );
+		return hints;
+	}
+
+	@Override
+	public String getTitle() {
+		// TODO Auto-generated method stub
+		return "DOM Injection";
+	}
+
+}
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpSplitting.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpSplitting.java
index 16da20dbe..cfc7481b2 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpSplitting.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/HttpSplitting.java	
@@ -77,6 +77,7 @@ public class HttpSplitting extends LessonAdapter {
 			if (Arrays.binarySearch(arrTokens, "CONTENT-LENGTH: 0") >= 0 &&
 					Arrays.binarySearch(arrTokens, "HTTP/1.1 200 OK") >= 0 )	
 			{	
+				ec.addElement("HTTP/1.1 200 OK" + System.getProperty("line.separator") + "test");
 				makeSuccess( s );
 			}
 		}
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/Interceptor.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/Interceptor.java
new file mode 100644
index 000000000..4195b7745
--- /dev/null
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/util/Interceptor.java	
@@ -0,0 +1,112 @@
+/**
+ * 
+ */
+package org.owasp.webgoat.util;
+
+import java.io.IOException;
+import java.io.BufferedReader;
+import java.io.PrintWriter;
+import java.io.InputStreamReader;
+import java.net.UnknownHostException;
+
+import java.net.Socket;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author sherif koussa - Macadamian Technologies
+ *
+ */
+public class Interceptor implements Filter {
+
+	private static final String OSG_SERVER_NAME = "OSGServerName";
+	private static final String OSG_SERVER_PORT = "OSGServerPort";
+
+	/* (non-Javadoc)
+	 * @see javax.servlet.Filter#destroy()
+	 */
+	public void destroy() {
+		// TODO Auto-generated method stub
+
+	}
+
+	public void doFilter(ServletRequest request, ServletResponse response,
+			FilterChain chain) throws IOException, ServletException {
+
+        HttpServletRequest req = (HttpServletRequest)request;
+
+	    Socket osgSocket = null;
+        PrintWriter out = null;
+        BufferedReader in = null;
+		String osgServerName = req.getSession().getServletContext().getInitParameter(OSG_SERVER_NAME);
+		String osgServerPort = req.getSession().getServletContext().getInitParameter(OSG_SERVER_PORT);
+
+        try {
+        	//If these parameters are not defined then no communication will happen with OSG
+    		if (osgServerName != null && osgServerName.length() != 0 &&
+    				osgServerPort != null && osgServerPort.length() != 0 )
+    		{
+    			osgSocket = new Socket(osgServerName, Integer.parseInt(osgServerPort));
+            	if ( osgSocket != null )
+            	{
+                    out = new PrintWriter(osgSocket.getOutputStream(), true);
+                    in = new BufferedReader(new InputStreamReader(
+                    		osgSocket.getInputStream()));
+                    //String message = "HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx";
+                    //out.println(message);
+                    
+                    //System.out.println(in.readLine());
+            	}    			
+    		}
+    		
+        } 
+        catch (UnknownHostException e) 
+        {
+            e.printStackTrace();
+            
+        } 
+        catch (IOException e) 
+        {
+        	e.printStackTrace();
+        }
+        finally
+        {
+        	if (out != null)
+        	{
+        		out.close();	
+        	}
+        	if (in != null)
+        	{
+        		in.close();
+        	}
+        	if (osgSocket != null)
+        	{
+        		osgSocket.close();	
+        	}        	
+        }
+	    
+	    String url = req.getRequestURL().toString();
+	    
+	    RequestDispatcher disp = req.getRequestDispatcher(url.substring(url.lastIndexOf("WebGoat/") + "WebGoat".length()));
+	   
+	    disp.forward(request, response);
+	    
+	}
+
+	/* (non-Javadoc)
+	 * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
+	 */
+	public void init(FilterConfig arg0) throws ServletException {
+		// TODO Auto-generated method stub
+
+	}
+
+}
+
diff --git a/ webgoat/main/project/WebContent/WEB-INF/web.xml b/ webgoat/main/project/WebContent/WEB-INF/web.xml
index eafb034d3..89098a714 100644
--- a/ webgoat/main/project/WebContent/WEB-INF/web.xml	
+++ b/ webgoat/main/project/WebContent/WEB-INF/web.xml	
@@ -1,336 +1,366 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!DOCTYPE web-app 
-    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" 
-    "http://java.sun.com/dtd/web-app_2_3.dtd">
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE web-app 
+    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" 
+    "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<web-app>
+
+    <!-- General description of your web application -->
+    <display-name>WebGoat</display-name>
+    <description>
+      This web application is designed to demonstrate web
+      application security flaws for the purpose of educating
+      developers and security professionals about web
+      application security problems. The initial version was
+      written by Aspect Security (info@aspectsecurity.com), 
+      and was donated to the OWASP.
+    </description>
+
+
+
+   <!-- Context initialization parameters that define shared
+         String constants used within your application, which
+         can be customized by the system administrator who is
+         installing your application.  The values actually
+         assigned to these parameters can be retrieved in a
+         servlet or JSP page by calling:
+
+             String value =
+               getServletContext().getInitParameter("name");
+
+         where "name" matches the <param-name> element of
+         one of these initialization parameters.
+
+         You can define any number of context initialization
+         parameters, including zero.
+    -->
+
+    <context-param>
+      <param-name>email</param-name>
+      <param-value>info@aspectsecurity.com</param-value>
+      <description>
+        The EMAIL address of the administrator to whom questions
+        and comments about this application should be addressed.
+      </description>
+    </context-param>
 
-<web-app>
-
-    <!-- General description of your web application -->
-    <display-name>WebGoat</display-name>
-    <description>
-      This web application is designed to demonstrate web
-      application security flaws for the purpose of educating
-      developers and security professionals about web
-      application security problems. The initial version was
-      written by Aspect Security (info@aspectsecurity.com), 
-      and was donated to the OWASP.
-    </description>
-
-
-
-   <!-- Context initialization parameters that define shared
-         String constants used within your application, which
-         can be customized by the system administrator who is
-         installing your application.  The values actually
-         assigned to these parameters can be retrieved in a
-         servlet or JSP page by calling:
-
-             String value =
-               getServletContext().getInitParameter("name");
-
-         where "name" matches the <param-name> element of
-         one of these initialization parameters.
-
-         You can define any number of context initialization
-         parameters, including zero.
-    -->
+    <!-- Enable the following two elements if you want to integrate with 
+    OWASP Site Generator, the OSGServerName represents the server on which the
+    OSG desktop application resides and the OSGServerPort represents the port it is
+    listening to-->
+    <!--
+    <context-param>
+      <param-name>OSGServerName</param-name>
+      <param-value>localhost</param-value>
+      <description>Enable this element if you want to integrate with
+      OWASP Site Generator 
+      </description>
+    </context-param>
 
     <context-param>
-      <param-name>email</param-name>
-      <param-value>info@aspectsecurity.com</param-value>
+      <param-name>OSGServerPort</param-name>
+      <param-value>4000</param-value>
       <description>
         The EMAIL address of the administrator to whom questions
         and comments about this application should be addressed.
       </description>
     </context-param>
-
-    <!-- Servlet definitions for the servlets that make up
-         your web application, including initialization
-         parameters.  With Tomcat, you can also send requests
-         to servlets not listed here with a request like this:
-
-           http://localhost:8080/{context-path}/servlet/{classname}
-
-         but this usage is not guaranteed to be portable.  It also
-         makes relative references to images and other resources
-         required by your servlet more complicated, so defining
-         all of your servlets (and defining a mapping to them with
-         a servlet-mapping element) is recommended.
-
-         Servlet initialization parameters can be retrieved in a
-         servlet or JSP page by calling:
-
-            String value =
-               getServletConfig().getInitParameter("name");
-
-         where "name" matches the <param-name> element of
-         one of these initialization parameters.
-
-         You can define any number of servlets, including zero.
-    -->
-
-    <servlet>
-      <servlet-name>AxisServlet</servlet-name>
-      <display-name>Apache-Axis Servlet</display-name>
-      <servlet-class>
-          org.apache.axis.transport.http.AxisServlet
-      </servlet-class>
-    </servlet>
- 
-    <servlet>
-      <servlet-name>AdminServlet</servlet-name>
-      <display-name>Axis Admin Servlet</display-name>
-      <servlet-class>
-          org.apache.axis.transport.http.AdminServlet
-      </servlet-class>
-      <load-on-startup>100</load-on-startup>
-    </servlet>
-
-    <servlet>
-      <servlet-name>SOAPMonitorService</servlet-name>
-      <display-name>SOAPMonitorService</display-name>
-      <servlet-class>
-          org.apache.axis.monitor.SOAPMonitorService
-      </servlet-class>
-      <init-param>
-        <param-name>SOAPMonitorPort</param-name>
-        <param-value>5001</param-value>
-      </init-param>
-      <load-on-startup>100</load-on-startup>
-    </servlet>
- 
-    <servlet>
-      <servlet-name>WebGoat</servlet-name>
-      <description>
-        This servlet plays the "controller" role in the MVC architecture
-        used in this application.
-
-        The initialization parameter namess for this servlet are the
-        "servlet path" that will be received by this servlet (after the
-        filename extension is removed).  The corresponding value is the
-        name of the action class that will be used to process this request.
-      </description>
-      <servlet-class>org.owasp.webgoat.HammerHead</servlet-class>
-
-	  <init-param>
-            <param-name>debug</param-name>
-            <param-value>false</param-value>
-      </init-param>
-
-      <init-param>
-            <param-name>CookieDebug</param-name>
-            <param-value>true</param-value>
-      </init-param>
-
-      <init-param>
-            <param-name>DefuseOSCommands</param-name>
-            <param-value>false</param-value>
-      </init-param>
-      
-      <init-param>
-            <param-name>Enterprise</param-name>
-            <param-value>true</param-value>
-      </init-param>
-      
-      <init-param>
-      		<!-- Specify an address where you would like comments to be sent.  -->
-      		<!-- This can be any URL or HTML tags, and will appear on the report card and lesson incomplete pages -->
-      		<!-- Use iso8859-1 encoding to represent special characters that might confuse XML parser. For 
-      			 example, replace "<" with "&lt;" and ">" with "&gt;". -->
-            <param-name>FeedbackAddress</param-name>
-            <param-value>
-				&lt;A HREF=mailto:webgoat@aspectsecurity.com&gt;webgoat@aspectsecurity.com&lt;/A&gt;
-            </param-value>
-      </init-param>
-      
-      <init-param>
-            <param-name>DatabaseDriver</param-name>
-            <param-value>
-		    	sun.jdbc.odbc.JdbcOdbcDriver
-                <!--org.enhydra.instantdb.jdbc.idbDriver-->
-            </param-value>
-      </init-param>
-
-      <init-param>
-            <param-name>DatabaseConnectionString</param-name>
-            <param-value>
-		    	<!-- insert the word PATH where you want to insert the realpath to the base of the web context-->
-                <!--jdbc:idb:PATH/database.prp-->
-				jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=PATH/webgoat.mdb;PWD=webgoat"
-		    </param-value>
-      </init-param>
-
-      <!-- Load this servlet at server startup time -->
-
-      <load-on-startup>5</load-on-startup>
-
-    </servlet>
-
-
-    <servlet>
-      <servlet-name>LessonSource</servlet-name>
-      <description>
-        This servlet returns the Java source of the current lesson. 
-      </description>
-      <servlet-class>org.owasp.webgoat.LessonSource</servlet-class>
-    </servlet>
-	<servlet>
-		<servlet-name>validate</servlet-name>
-		<servlet-class>org.owasp.webgoat.servlets.ValidateServlet</servlet-class>
-	</servlet>
-	<servlet>
-	     <servlet-name>config</servlet-name>
-	     <jsp-file>/lessons/ConfManagement/config.jsp</jsp-file>
-	</servlet>
-	
-    <!-- Define mappings that are used by the servlet container to
-         translate a particular request URI (context-relative) to a
-         particular servlet.  The examples below correspond to the
-         servlet descriptions above.  Thus, a request URI like:
-
-           http://localhost:8080/{contextpath}/graph
-
-         will be mapped to the "graph" servlet, while a request like:
-
-           http://localhost:8080/{contextpath}/saveCustomer.do
-
-         will be mapped to the "controller" servlet.
-
-         You may define any number of servlet mappings, including zero.
-         It is also legal to define more than one mapping for the same
-         servlet, if you wish to.
-    -->
-
-
-    <servlet-mapping>
-      <servlet-name>AxisServlet</servlet-name>
-      <url-pattern>/servlet/AxisServlet</url-pattern>
-    </servlet-mapping>
- 
-    <servlet-mapping>
-      <servlet-name>AxisServlet</servlet-name>
-      <url-pattern>*.jws</url-pattern>
-    </servlet-mapping>
- 
-    <servlet-mapping>
-      <servlet-name>AxisServlet</servlet-name>
-      <url-pattern>/services/*</url-pattern>
-    </servlet-mapping>
- 
-    <servlet-mapping>
-      <servlet-name>SOAPMonitorService</servlet-name>
-      <url-pattern>/SOAPMonitor</url-pattern>
-    </servlet-mapping>
- 
-    <!-- uncomment this if you want the admin servlet -->
-    <!--
-    <servlet-mapping>
-      <servlet-name>AdminServlet</servlet-name>
-      <url-pattern>/servlet/AdminServlet</url-pattern>
-    </servlet-mapping>
-     -->
-
-    <servlet-mapping>
-      <servlet-name>WebGoat</servlet-name>
-      <url-pattern>/attack</url-pattern>
-    </servlet-mapping>
-
-	<servlet-mapping>
-	     <servlet-name>config</servlet-name>
-	     <url-pattern>/config</url-pattern>
-	</servlet-mapping>
-    
-	<servlet-mapping>
-	     <servlet-name>validate</servlet-name>
-	     <url-pattern>/validate</url-pattern>
-	</servlet-mapping>
-
-    <servlet-mapping>
-      <servlet-name>LessonSource</servlet-name>
-      <url-pattern>/source</url-pattern>
-    </servlet-mapping>
-
-    
-    <!-- Define the default session timeout for your application,
-         in minutes.  From a servlet or JSP page, you can modify
-         the timeout for a particular session dynamically by using
-         HttpSession.getMaxInactiveInterval(). -->
-
-    <session-config>
-    	<!-- 2 days -->
-        <session-timeout>2880</session-timeout>
-    </session-config>
-
-    <mime-mapping>
-        <extension>wmv</extension>
-        <mime-type>video/x-ms-wmv</mime-type>
-    </mime-mapping>
-
-	<!-- Define reference to the user database for looking up roles -->
-	<resource-env-ref>
-	    <description>
-	      Link to the UserDatabase instance from which we request lists of
-	      defined role names.  Typically, this will be connected to the global
-	      user database with a ResourceLink element in server.xml or the context
-	      configuration file for the Manager web application.
-	    </description>
-	    <resource-env-ref-name>users</resource-env-ref-name>
-	    <resource-env-ref-type>
-	      org.apache.catalina.UserDatabase
-	    </resource-env-ref-type>
-	</resource-env-ref>
-	
-
-	<!-- Define a Security Constraint on this Application -->
-	<security-constraint>
-	    <web-resource-collection>
-	      <web-resource-name>WebGoat Application</web-resource-name>
-	      <url-pattern>/*</url-pattern>
-	    </web-resource-collection>
-	    <auth-constraint>
-	       <role-name>webgoat_user</role-name>
-	       <role-name>webgoat_admin</role-name>
-	       <role-name>webgoat_challenge</role-name>
-	    </auth-constraint>
-	</security-constraint>
-	
-	<security-constraint>
-	    <web-resource-collection>
-	      <web-resource-name>WebGoat Application Source</web-resource-name>
-	      <url-pattern>/JavaSource/*</url-pattern>
-	    </web-resource-collection>
-	    <auth-constraint>
-	       <role-name>server_admin</role-name>
-	    </auth-constraint>
-	</security-constraint>
-	
-	
-	<!-- Login configuration uses BASIC authentication -->
-	<login-config>
-	    <auth-method>BASIC</auth-method>
-	    <realm-name>WebGoat Application</realm-name>
-	</login-config>
-	
-	<!-- Security roles referenced by this web application -->
-	<security-role>
-	    <description>The role that is required to administrate WebGoat</description>
-	    <role-name>webgoat_admin</role-name>
-	</security-role>
-	
-	<security-role>
-	    <description>The role that is required to start the challenge log viewer</description>
-	    <role-name>webgoat_challenge</role-name>
-	</security-role>
-
-	<security-role>
-	    <description>The role that is required to use WebGoat</description>
-	    <role-name>webgoat_user</role-name>
-	</security-role>
-	
-		<security-role>
-	    <description>This role is for admins only</description>
-	    <role-name>server_admin</role-name>
-	</security-role>
-	
-</web-app>
-
+	-->
+    <!-- Servlet definitions for the servlets that make up
+         your web application, including initialization
+         parameters.  With Tomcat, you can also send requests
+         to servlets not listed here with a request like this:
+
+           http://localhost:8080/{context-path}/servlet/{classname}
+
+         but this usage is not guaranteed to be portable.  It also
+         makes relative references to images and other resources
+         required by your servlet more complicated, so defining
+         all of your servlets (and defining a mapping to them with
+         a servlet-mapping element) is recommended.
+
+         Servlet initialization parameters can be retrieved in a
+         servlet or JSP page by calling:
+
+            String value =
+               getServletConfig().getInitParameter("name");
+
+         where "name" matches the <param-name> element of
+         one of these initialization parameters.
+
+         You can define any number of servlets, including zero.
+    -->
+	<filter>
+		<filter-name>Interceptor</filter-name>
+		<filter-class>org.owasp.webgoat.util.Interceptor</filter-class>
+	</filter>
+	<filter-mapping>
+		<filter-name>Interceptor</filter-name>
+		 <url-pattern>/*</url-pattern>
+	</filter-mapping>
+    <servlet>
+      <servlet-name>AxisServlet</servlet-name>
+      <display-name>Apache-Axis Servlet</display-name>
+      <servlet-class>
+          org.apache.axis.transport.http.AxisServlet
+      </servlet-class>
+    </servlet>
+ 
+    <servlet>
+      <servlet-name>AdminServlet</servlet-name>
+      <display-name>Axis Admin Servlet</display-name>
+      <servlet-class>
+          org.apache.axis.transport.http.AdminServlet
+      </servlet-class>
+      <load-on-startup>100</load-on-startup>
+    </servlet>
+
+    <servlet>
+      <servlet-name>SOAPMonitorService</servlet-name>
+      <display-name>SOAPMonitorService</display-name>
+      <servlet-class>
+          org.apache.axis.monitor.SOAPMonitorService
+      </servlet-class>
+      <init-param>
+        <param-name>SOAPMonitorPort</param-name>
+        <param-value>5001</param-value>
+      </init-param>
+      <load-on-startup>100</load-on-startup>
+    </servlet>
+ 
+    <servlet>
+      <servlet-name>WebGoat</servlet-name>
+      <description>
+        This servlet plays the "controller" role in the MVC architecture
+        used in this application.
+
+        The initialization parameter namess for this servlet are the
+        "servlet path" that will be received by this servlet (after the
+        filename extension is removed).  The corresponding value is the
+        name of the action class that will be used to process this request.
+      </description>
+      <servlet-class>org.owasp.webgoat.HammerHead</servlet-class>
+
+	  <init-param>
+            <param-name>debug</param-name>
+            <param-value>false</param-value>
+      </init-param>
+
+      <init-param>
+            <param-name>CookieDebug</param-name>
+            <param-value>true</param-value>
+      </init-param>
+
+      <init-param>
+            <param-name>DefuseOSCommands</param-name>
+            <param-value>false</param-value>
+      </init-param>
+      
+      <init-param>
+            <param-name>Enterprise</param-name>
+            <param-value>true</param-value>
+      </init-param>
+      
+      <init-param>
+      		<!-- Specify an address where you would like comments to be sent.  -->
+      		<!-- This can be any URL or HTML tags, and will appear on the report card and lesson incomplete pages -->
+      		<!-- Use iso8859-1 encoding to represent special characters that might confuse XML parser. For 
+      			 example, replace "<" with "&lt;" and ">" with "&gt;". -->
+            <param-name>FeedbackAddress</param-name>
+            <param-value>
+				&lt;A HREF=mailto:webgoat@aspectsecurity.com&gt;webgoat@aspectsecurity.com&lt;/A&gt;
+            </param-value>
+      </init-param>
+      
+      <init-param>
+            <param-name>DatabaseDriver</param-name>
+            <param-value>
+		    	sun.jdbc.odbc.JdbcOdbcDriver
+                <!--org.enhydra.instantdb.jdbc.idbDriver-->
+            </param-value>
+      </init-param>
+
+      <init-param>
+            <param-name>DatabaseConnectionString</param-name>
+            <param-value>
+		    	<!-- insert the word PATH where you want to insert the realpath to the base of the web context-->
+                <!--jdbc:idb:PATH/database.prp-->
+				jdbc:odbc:;DRIVER=Microsoft Access Driver (*.mdb);DBQ=PATH/webgoat.mdb;PWD=webgoat"
+		    </param-value>
+      </init-param>
+
+      <!-- Load this servlet at server startup time -->
+
+      <load-on-startup>5</load-on-startup>
+
+    </servlet>
+
+
+    <servlet>
+      <servlet-name>LessonSource</servlet-name>
+      <description>
+        This servlet returns the Java source of the current lesson. 
+      </description>
+      <servlet-class>org.owasp.webgoat.LessonSource</servlet-class>
+    </servlet>
+	<servlet>
+		<servlet-name>validate</servlet-name>
+		<servlet-class>org.owasp.webgoat.servlets.ValidateServlet</servlet-class>
+	</servlet>
+	<servlet>
+	     <servlet-name>config</servlet-name>
+	     <jsp-file>/lessons/ConfManagement/config.jsp</jsp-file>
+	</servlet>
+	
+    <!-- Define mappings that are used by the servlet container to
+         translate a particular request URI (context-relative) to a
+         particular servlet.  The examples below correspond to the
+         servlet descriptions above.  Thus, a request URI like:
+
+           http://localhost:8080/{contextpath}/graph
+
+         will be mapped to the "graph" servlet, while a request like:
+
+           http://localhost:8080/{contextpath}/saveCustomer.do
+
+         will be mapped to the "controller" servlet.
+
+         You may define any number of servlet mappings, including zero.
+         It is also legal to define more than one mapping for the same
+         servlet, if you wish to.
+    -->
+
+
+    <servlet-mapping>
+      <servlet-name>AxisServlet</servlet-name>
+      <url-pattern>/servlet/AxisServlet</url-pattern>
+    </servlet-mapping>
+ 
+    <servlet-mapping>
+      <servlet-name>AxisServlet</servlet-name>
+      <url-pattern>*.jws</url-pattern>
+    </servlet-mapping>
+ 
+    <servlet-mapping>
+      <servlet-name>AxisServlet</servlet-name>
+      <url-pattern>/services/*</url-pattern>
+    </servlet-mapping>
+ 
+    <servlet-mapping>
+      <servlet-name>SOAPMonitorService</servlet-name>
+      <url-pattern>/SOAPMonitor</url-pattern>
+    </servlet-mapping>
+ 
+    <!-- uncomment this if you want the admin servlet -->
+    <!--
+    <servlet-mapping>
+      <servlet-name>AdminServlet</servlet-name>
+      <url-pattern>/servlet/AdminServlet</url-pattern>
+    </servlet-mapping>
+     -->
+
+    <servlet-mapping>
+      <servlet-name>WebGoat</servlet-name>
+      <url-pattern>/attack</url-pattern>
+    </servlet-mapping>
+
+	<servlet-mapping>
+	     <servlet-name>config</servlet-name>
+	     <url-pattern>/config</url-pattern>
+	</servlet-mapping>
+    
+	<servlet-mapping>
+	     <servlet-name>validate</servlet-name>
+	     <url-pattern>/validate</url-pattern>
+	</servlet-mapping>
+
+    <servlet-mapping>
+      <servlet-name>LessonSource</servlet-name>
+      <url-pattern>/source</url-pattern>
+    </servlet-mapping>
+
+    
+    <!-- Define the default session timeout for your application,
+         in minutes.  From a servlet or JSP page, you can modify
+         the timeout for a particular session dynamically by using
+         HttpSession.getMaxInactiveInterval(). -->
+
+    <session-config>
+    	<!-- 2 days -->
+        <session-timeout>2880</session-timeout>
+    </session-config>
+
+    <mime-mapping>
+        <extension>wmv</extension>
+        <mime-type>video/x-ms-wmv</mime-type>
+    </mime-mapping>
+
+	<!-- Define reference to the user database for looking up roles -->
+	<resource-env-ref>
+	    <description>
+	      Link to the UserDatabase instance from which we request lists of
+	      defined role names.  Typically, this will be connected to the global
+	      user database with a ResourceLink element in server.xml or the context
+	      configuration file for the Manager web application.
+	    </description>
+	    <resource-env-ref-name>users</resource-env-ref-name>
+	    <resource-env-ref-type>
+	      org.apache.catalina.UserDatabase
+	    </resource-env-ref-type>
+	</resource-env-ref>
+	
+
+	<!-- Define a Security Constraint on this Application -->
+	<security-constraint>
+	    <web-resource-collection>
+	      <web-resource-name>WebGoat Application</web-resource-name>
+	      <url-pattern>/*</url-pattern>
+	    </web-resource-collection>
+	    <auth-constraint>
+	       <role-name>webgoat_user</role-name>
+	       <role-name>webgoat_admin</role-name>
+	       <role-name>webgoat_challenge</role-name>
+	    </auth-constraint>
+	</security-constraint>
+	
+	<security-constraint>
+	    <web-resource-collection>
+	      <web-resource-name>WebGoat Application Source</web-resource-name>
+	      <url-pattern>/JavaSource/*</url-pattern>
+	    </web-resource-collection>
+	    <auth-constraint>
+	       <role-name>server_admin</role-name>
+	    </auth-constraint>
+	</security-constraint>
+	
+	
+	<!-- Login configuration uses BASIC authentication -->
+	<login-config>
+	    <auth-method>BASIC</auth-method>
+	    <realm-name>WebGoat Application</realm-name>
+	</login-config>
+	
+	<!-- Security roles referenced by this web application -->
+	<security-role>
+	    <description>The role that is required to administrate WebGoat</description>
+	    <role-name>webgoat_admin</role-name>
+	</security-role>
+	
+	<security-role>
+	    <description>The role that is required to start the challenge log viewer</description>
+	    <role-name>webgoat_challenge</role-name>
+	</security-role>
+
+	<security-role>
+	    <description>The role that is required to use WebGoat</description>
+	    <role-name>webgoat_user</role-name>
+	</security-role>
+	
+		<security-role>
+	    <description>This role is for admins only</description>
+	    <role-name>server_admin</role-name>
+	</security-role>
+	
+</web-app>
+
+
diff --git a/ webgoat/main/project/WebContent/lesson_plans/DOMInjection.html b/ webgoat/main/project/WebContent/lesson_plans/DOMInjection.html
new file mode 100644
index 000000000..2d03e8738
--- /dev/null
+++ b/ webgoat/main/project/WebContent/lesson_plans/DOMInjection.html	
@@ -0,0 +1,22 @@
+<div align="Center"> 
+<p><b>Lesson Plan Title:</b>DOM Injection. </p>
+ </div>
+ 
+<p><b>Concept / Topic To Teach:</b> </p>
+How to perform DOM injection attacks.
+ <br> 
+<div align="Left"> 
+<p>
+<b>How the attacks works:</b>
+</p>
+Some applications specially the ones that uses AJAX manipulates and updates the DOM
+directly using javascript, DHTML and eval.<br>
+An attacker may take advantage of that by intercepting the reply and try to inject some 
+javascript commands to exploit his attacks.
+</div>
+<p><b>General Goal(s):</b> </p>
+<!-- Start Instructions -->
+* Your victim is a system that takes an activatation key to allow you to use it.
+* Your goal should be to try to get to enable the activate button.<br>
+* Take some time to see the HTML source in order to understand how does it work.<br>
+<!-- Stop Instructions -->