diff --git a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/ChallengeTest.java b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/ChallengeTest.java
index 7b62abd88..7eea53f56 100644
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/ChallengeTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/ChallengeTest.java
@@ -69,5 +69,46 @@ public class ChallengeTest extends IntegrationTest {
 .get("find { it.username == \"" + getWebgoatUser() + "\" }.flagsCaptured");
 assertTrue(capturefFlags.contains("Admin lost password"));
 }
+
+ @Test
+ public void testChallenge5() {
+ startLesson("Challenge5");
+
+ Map params = new HashMap<>();
+ params.clear();
+ params.put("username_login", "Larry");
+ params.put("password_login", "1' or '1'='1");
+
+ String result =
+ RestAssured.given()
+ .when()
+ .relaxedHTTPSValidation()
+ .cookie("JSESSIONID", getWebGoatCookie())
+ .formParams(params)
+ .post(url("/WebGoat/challenge/5"))
+ .then()
+ .statusCode(200)
+ .extract().asString();
+
+ String flag = result.substring(result.indexOf("flag")+6,result.indexOf("flag")+42);
+ params.clear();
+ params.put("flag", flag);
+ checkAssignment(url("/WebGoat/challenge/flag"), params, true);
+
+
+ checkResults("/challenge/5");
+
+ List capturefFlags =
+ RestAssured.given()
+ .when()
+ .relaxedHTTPSValidation()
+ .cookie("JSESSIONID", getWebGoatCookie())
+ .get(url("/WebGoat/scoreboard-data"))
+ .then()
+ .statusCode(200)
+ .extract().jsonPath()
+ .get("find { it.username == \"" + getWebgoatUser() + "\" }.flagsCaptured");
+ assertTrue(capturefFlags.contains("Without password"));
+ }
 }
diff --git a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SSRFTest.java b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SSRFTest.java
new file mode 100644
index 000000000..05efaab84
--- /dev/null
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SSRFTest.java
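Review bot: The flag extraction `String flag = result.substring(result.indexOf("flag")+6,result.indexOf("flag")+42);` in testChallenge5 relies on fixed offsets into the response body and has no guard for the marker being absent: `indexOf` then returns -1, the test slices characters 5..41 of an unrelated body, and the failure surfaces later as a confusing assignment assertion or a StringIndexOutOfBoundsException rather than a clear message. Capture the index once and assert it, e.g. `int at = result.indexOf("flag"); assertTrue(at >= 0);`, and derive the end of the flag from the response format instead of the constant 42 — if the body is JSON (inferred from the other call's use of jsonPath, not visible here) `extract().jsonPath().getString("flag")` would remove the offsets entirely. `Map params` and `List capturefFlags` are raw types; `Map<String, String>` and `List<String>` compile without unchecked warnings, and the `params.clear()` right after `new HashMap<>()` is a no-op. The local name `capturefFlags` reads like a typo of `capturedFlags`, carried over from the existing method above the hunk.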
@@ -0,0 +1,30 @@
+package org.owasp.webgoat;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.junit.jupiter.api.Test;
+
+public class SSRFTest extends IntegrationTest {
+
+ @Test
+ public void runTests() throws IOException {
+ startLesson("SSRF");
+
+ Map params = new HashMap<>();
+ params.clear();
+ params.put("url", "images/jerry.png");
+
+ checkAssignment(url("/WebGoat/SSRF/task1"),params,true);
+ params.clear();
+ params.put("url", "http://ifconfig.pro");
+
+ checkAssignment(url("/WebGoat/SSRF/task2"),params,true);
+
+ checkResults("/SSRF/");
+
+ }
+
+
+}
diff --git a/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/hashing_plan.adoc b/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/hashing_plan.adoc
index 3536b2623..44bd85c23 100644
--- a/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/hashing_plan.adoc
+++ b/webgoat-lessons/crypto/src/main/resources/lessonPlans/en/hashing_plan.adoc
@@ -13,7 +13,7 @@ For these hashes it is possible to change the payload in such a way that it stil
 == Salted Hashes
 Plain passwords should obviously not be stored in a database. And the same goes for plain hashes.
-The https://owasp.org/www-project-cheat-sheets/cheatsheets/Password_Storage_Cheat_Sheet.html[OWASP Password Storage Cheat Sheet,window=_blank] explains what should be used when password related information needs to be stored securely.
+The https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html[OWASP Password Storage Cheat Sheet,window=_blank] explains what should be used when password related information needs to be stored securely.
 == Assignment
diff --git a/webgoat-lessons/csrf/src/main/resources/lessonPlans/en/CSRF_JSON.adoc b/webgoat-lessons/csrf/src/main/resources/lessonPlans/en/CSRF_JSON.adoc
index 41e8e3d4c..2f0a2c339 100644
--- a/webgoat-lessons/csrf/src/main/resources/lessonPlans/en/CSRF_JSON.adoc
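Review bot: `Map params = new HashMap<>();` in SSRFTest.runTests is a raw type, so the `put` calls and both `checkAssignment(..., params, true)` calls compile with unchecked warnings; `Map<String, String> params = new HashMap<>();` fixes that, and the `params.clear();` on the following line is a no-op on a freshly constructed map. The method is declared `throws IOException`, but nothing in this file throws it — if `checkAssignment` and `checkResults` (inherited from IntegrationTest, outside this diff) do not declare it either, the clause should go. The task2 answer is the literal external hostname `http://ifconfig.pro`; whether the lesson only compares the string or actually fetches it is not visible here, and in the latter case the integration test would depend on outbound network access, which deserves a comment on that line so a CI failure is easy to diagnose. The blank lines before the closing braces and the missing class-level Javadoc are minor style points for the new file.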
+++ b/webgoat-lessons/csrf/src/main/resources/lessonPlans/en/CSRF_JSON.adoc @@ -11,26 +11,26 @@ To make a long answer short: this is *not* a valid protection against CSRF. One example why this protection is not enough can be found https://bugs.chromium.org/p/chromium/issues/detail?id=490015[here]. Turns out `Navigator.sendBeacon()` was allowed to send POST request with an arbitrary content-type. -[qoute, developer.mozilla.org] +[quote, 'developer.mozilla.org'] ____ The navigator.sendBeacon() method can be used to asynchronously transfer a small amount of data over HTTP to a web server. This method addresses the needs of analytics and diagnostics code that typically attempts to send data to a web server prior to the unloading of the -document. Sending the data any sooner may result in a missed opportunity to gather data..." +document. Sending the data any sooner may result in a missed opportunity to gather data... ____ {nbsp} + For example: [source] ----- +-- function postBeacon() { var data= new Blob([JSON.stringify({"author" :"WebGoat"})], {type : 'application/json'}); navigator.sendBeacon("http://localhost:8083", data) } ----- +-- -[quote, Eduardo Vela] +[quote, 'Eduardo Vela'] ____ I think Content-Type restrictions are useful for websites that are accidentally safe against CSRF. They are not meant to be, but they are because they happen to only accept XML or JSON payloads. diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc index daccbf443..b162504ac 100644 --- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc +++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content5_after.adoc 
@@ -1,6 +1,6 @@ -{nbsp} + +== Examples -==== Here are some examples of what a hacker could supply to the input field to perform actions on the database that go further than just reading the data of a single user: +Here are some examples of what a hacker could supply to the input field to perform actions on the database that go further than just reading the data of a single user: * `+Smith’ OR '1' = '1+` + results in `+SELECT * FROM users WHERE name = 'Smith' OR TRUE;+` and that way will return all entries from the users table diff --git a/webgoat-lessons/ssrf/src/main/resources/html/SSRF.html b/webgoat-lessons/ssrf/src/main/resources/html/SSRF.html index 0ed0c7907..fe2cba273 100755 --- a/webgoat-lessons/ssrf/src/main/resources/html/SSRF.html +++ b/webgoat-lessons/ssrf/src/main/resources/html/SSRF.html @@ -15,7 +15,7 @@ action="/WebGoat/SSRF/task1"> - + @@ -37,10 +37,10 @@ action="/WebGoat/SSRF/task2">
- + + name="try this" value="try this" type="SUBMIT"/>
diff --git a/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Intro.adoc b/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Intro.adoc index 03b06fdac..62975c72c 100755 --- a/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Intro.adoc +++ b/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Intro.adoc @@ -1,12 +1,13 @@ == Concept -In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources. The attacker can supply or a modify a URL which the code running on the server will read or submit data to, and by carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like http enabled databases or perform post requests towards internal services which are not intended to be exposed. +In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources. The attacker can supply or modify a URL which the code running on the server will read or submit data to. And, by carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like HTTP enabled databases or perform post requests towards internal services which are not intended to be exposed. == Goals -* The user will need to modify the URL. +In the exercises on the next pages, you need to examine what the browser sends to the server and how you can adjust the request to get other things from the server. == SSRF How-To * https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF == A New Era of SSRF by Orange Tsai -* https://www.youtube.com/watch?v=D1S-G8rJrEk \ No newline at end of file + +video::D1S-G8rJrEk[youtube, height=480, width=100%] 
diff --git a/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task1.adoc b/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task1.adoc index bedc3f879..444f6baf0 100755 --- a/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task1.adoc +++ b/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task1.adoc @@ -1,2 +1,2 @@ -=== Change the URL to display Jerry - +=== Find and modify the request to display Jerry +lick the button and figure out what happened. diff --git a/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task2.adoc b/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task2.adoc index b8a457a52..e97f7ace5 100755 --- a/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task2.adoc +++ b/webgoat-lessons/ssrf/src/main/resources/lessonPlans/en/SSRF_Task2.adoc @@ -1,2 +1,2 @@ -=== Change the URL to display the Interface Configuration with ifconfig.pro - +=== Change the request so the server gets information from http://ifconfig.pro +Click the button and figure out what happened. diff --git a/webgoat-lessons/vulnerable-components/src/main/resources/html/VulnerableComponents.html b/webgoat-lessons/vulnerable-components/src/main/resources/html/VulnerableComponents.html index 66d754a44..a71d4b805 100644 --- a/webgoat-lessons/vulnerable-components/src/main/resources/html/VulnerableComponents.html +++ b/webgoat-lessons/vulnerable-components/src/main/resources/html/VulnerableComponents.html @@ -4,42 +4,24 @@
- - -
+
- - -
+
- - -
+
- - -
+
- - -
+
- - - - +
Clicking go will execute a jquery-ui close dialog:
- - - - +
Clicking go will execute a jquery-ui close dialog: -
- - -
+
- - -
+
- - -
+
- - -
+
- - -
+
- - -
+
+
- - -
+
- - -
@@ -165,10 +120,7 @@
- - -
+
\ No newline at end of file diff --git a/webgoat-lessons/vulnerable-components/src/main/resources/lessonPlans/en/VulnerableComponents_content4c.adoc b/webgoat-lessons/vulnerable-components/src/main/resources/lessonPlans/en/VulnerableComponents_content4c.adoc index bf712d94f..415786a28 100644 --- a/webgoat-lessons/vulnerable-components/src/main/resources/lessonPlans/en/VulnerableComponents_content4c.adoc +++ b/webgoat-lessons/vulnerable-components/src/main/resources/lessonPlans/en/VulnerableComponents_content4c.adoc @@ -10,8 +10,6 @@ * It's really difficult to keep components up to date -==== - For the components analyzed in 25,000 applications it was found that: * 8% of 2 year old components did not have a newer version diff --git a/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_changing_content_type_solution.adoc b/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_changing_content_type_solution.adoc index 954bee265..fdd33830a 100644 --- a/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_changing_content_type_solution.adoc +++ b/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_changing_content_type_solution.adoc @@ -35,7 +35,7 @@ JSON parse error: Unexpected character '{' (code 123) in prolog; expected This error message appears because we are still sending a json message towards the endpoint, so if we intercept and change change the json message to a xml message: -[souce] +[source] ---- POST http://localhost:8080/WebGoat/xxe/content-type HTTP/1.1 Content-Type: application/xml diff --git a/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_mitigation.adoc b/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_mitigation.adoc index 52e4e9bf4..93d75b18b 100644 --- a/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_mitigation.adoc +++ b/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_mitigation.adoc 
@@ -20,6 +20,6 @@ xif.setProperty(XMLInputFactory.SUPPORT_DTD, true); For more information about configuration, see https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html[XXE prevention sheet] -==== Validate +=== Validate Implement proper validation for the Content-type and Accept header do not simply rely on the framework to handle the incoming request. If the client specifies a proper accept header return with a `406/Not Acceptable. \ No newline at end of file