From 4815eecaea948674cc44f4108422fdeb32c24f49 Mon Sep 17 00:00:00 2001 From: Doug Morato Date: Wed, 19 Aug 2015 20:07:31 -0400 Subject: [PATCH] Add TravisCI build badge, cleanup README file --- README.MD | 66 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 40 insertions(+), 26 deletions(-) diff --git a/README.MD b/README.MD index b929e6948..0c1aa1453 100644 --- a/README.MD +++ b/README.MD @@ -1,9 +1,15 @@ +# WebGoat: A deliberately insecure Web Application + +[![Build Status](https://travis-ci.org/WebGoat/WebGoat.svg)](https://travis-ci.org/WebGoat/WebGoat) + # Important Information Thank you for downloading WebGoat! This is the WebGoat Lesson Server version. The lessons need to be installed separately by following the instructions in the For Developers section below. +WebGoat is a deliberately insecure web application maintained by [OWASP](http://www.owasp.org/) designed to teach web application security lessons. + This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques. @@ -13,8 +19,9 @@ penetration testing techniques. * [Source Code](https://github.com/WebGoat/WebGoat) * [Easy-Run Download **TBD**](https://github.com/WebGoat/WebGoat/releases/**TBD**) * [Wiki](https://github.com/WebGoat/WebGoat/wiki) -* [Contact Info - Direct to Bruce Mayhew](webgoat@owasp.org) -* [Mailing List - WebGoat Community - For most questions](owasp-webgoat@lists.owasp.org) +* [FAQ (old info):](http://code.google.com/p/webgoat/wiki/FAQ) +* [Project Leader - Direct to Bruce Mayhew](mailto:webgoat@owasp.org) +* [Mailing List - WebGoat Community - For most questions](mailto:owasp-webgoat@lists.owasp.org) **WARNING 1:** *While running this program your machine will be extremely vulnerable to attack. You should to disconnect from the Internet while using @@ -37,7 +44,7 @@ You can find more information about WebGoat at: Follow these instructions if you simply wish to run WebGoat -**Prerequisites:** +**Prerequisites:** Java VM >= 1.6 installed ( JDK 1.7 recommended) @@ -47,26 +54,29 @@ Java VM >= 1.6 installed ( JDK 1.7 recommended) 2. Run it using java: - > java -jar WebGoat-6.0-exec-war.jar +```Shell +$ java -jar WebGoat-6.0-exec-war.jar +``` 3. Then navigate in your browser to: (http://localhost:8080/WebGoat) 4. If you would like to change the port or other options, use: - > java -jar WebGoat-6.0-exec-war.jar --help - +```Shell +$ java -jar WebGoat-6.0-exec-war.jar --help +``` # For Developers Follow these instructions if you wish to run Webgoat and modify the source code as well. **Prerequisites:** - +/ * Java >= 1.6 ( JDK 1.7 recommended ) * Maven > 2.0.9 * Your favorite IDE, with Maven awareness: Netbeans/IntelliJ/Eclipse with m2e installed. * Git, or Git support in your IDE - + **Note:** WebGoat source code can be downloaded at: (https://github.com/WebGoat/WebGoat). @@ -74,38 +84,42 @@ Follow these instructions if you wish to run Webgoat and modify the source code Using a command shell/window: - > mvn clean package - -Before you can run the project you need to build some lessons. First clone https://github.com/WebGoat/WebGoat-Lessons and run: +```Shell +$ mvn clean package +``` - > cd WebGoat-Lessons - > mvn package - -Now copy the lessons into the WebGoat plugin_lessons folder: +Before you can run the project you need to build some lessons first clone https://github.com/WebGoat/WebGoat-Lessons and run: - > cp target/plugins/*.jar WebGoat/webgoat-container/target/webgoat-container-6.1.0/plugin_lessons/ +```Shell + $ cd WebGoat-Lessons + $ mvn package + $ cp target/plugins/*.jar WebGoat/webgoat-container/target/webgoat-container-6.1.0/plugin_lessons/ +``` Then you can run the project with one of the steps below (From the WebGoat folder not WebGoat-Lessons): 1. Maven-Tomcat Plugin using a command shell/window: - > mvn -pl webgoat-container tomcat7:run-war - - Browse to http://localhost:8080/WebGoat - +```Shell +$ mvn -pl webgoat-container tomcat7:run-war +``` +Browse to http://localhost:8080/WebGoat Maven will run the project in an embedded tomcat. 2. Java JAR the package phase also builds an executable jar file. You can run it using: - > cd webgoat-container/target - > java -jar WebGoat-6.0-exec-war.jar +```Shell +$ cd target +$ java -jar WebGoat-6.0-exec-war.jar http://localhost:8080/WebGoat +``` - Browse to http://localhost:8080/WebGoat - +Browse to http://localhost:8080/WebGoat -3. The package phase also builds a war file. You can deploy it using: +3. Tomcat the package phase also builds a war file. You can deploy it using: - > cp target/WebGoat-6.0-exec-war.war /webapps/ +```Shell +$ cp target/WebGoat-6.0-exec-war.war /webapps/ +```