dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add TravisCI build badge, cleanup README file

Browse Source
This commit is contained in:
Doug Morato 2015-08-19 20:07:31 -04:00 committed by Nanne Baars
parent 1f63e93d47
commit 4815eecaea
1 changed files with 40 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
README.MD
View File

@ -1,9 +1,15 @@
# WebGoat: A deliberately insecure Web Application
[![Build Status](https://travis-ci.org/WebGoat/WebGoat.svg)](https://travis-ci.org/WebGoat/WebGoat)
# Important Information # Important Information
Thank you for downloading WebGoat! This is the WebGoat Lesson Server version. Thank you for downloading WebGoat! This is the WebGoat Lesson Server version.
The lessons need to be installed separately by following the instructions in the For The lessons need to be installed separately by following the instructions in the For
Developers section below. Developers section below.
WebGoat is a deliberately insecure web application maintained by [OWASP](http://www.owasp.org/) designed to teach web application security lessons.
This program is a demonstration of common server-side application flaws. The This program is a demonstration of common server-side application flaws. The
exercises are intended to be used by people to learn about application security and exercises are intended to be used by people to learn about application security and
penetration testing techniques. penetration testing techniques.
@ -13,8 +19,9 @@ penetration testing techniques.
* [Source Code](https://github.com/WebGoat/WebGoat) * [Source Code](https://github.com/WebGoat/WebGoat)
* [Easy-Run Download **TBD**](https://github.com/WebGoat/WebGoat/releases/**TBD**) * [Easy-Run Download **TBD**](https://github.com/WebGoat/WebGoat/releases/**TBD**)
* [Wiki](https://github.com/WebGoat/WebGoat/wiki) * [Wiki](https://github.com/WebGoat/WebGoat/wiki)
* [Contact Info - Direct to Bruce Mayhew](webgoat@owasp.org) * [FAQ (old info):](http://code.google.com/p/webgoat/wiki/FAQ)
* [Mailing List - WebGoat Community - For most questions](owasp-webgoat@lists.owasp.org) * [Project Leader - Direct to Bruce Mayhew](mailto:webgoat@owasp.org)
* [Mailing List - WebGoat Community - For most questions](mailto:owasp-webgoat@lists.owasp.org)
**WARNING 1:** *While running this program your machine will be extremely **WARNING 1:** *While running this program your machine will be extremely
vulnerable to attack. You should to disconnect from the Internet while using vulnerable to attack. You should to disconnect from the Internet while using
@ -37,7 +44,7 @@ You can find more information about WebGoat at:
Follow these instructions if you simply wish to run WebGoat Follow these instructions if you simply wish to run WebGoat
**Prerequisites:** **Prerequisites:**
Java VM >= 1.6 installed ( JDK 1.7 recommended) Java VM >= 1.6 installed ( JDK 1.7 recommended)
@ -47,26 +54,29 @@ Java VM >= 1.6 installed ( JDK 1.7 recommended)
2. Run it using java: 2. Run it using java:
> java -jar WebGoat-6.0-exec-war.jar ```Shell
$ java -jar WebGoat-6.0-exec-war.jar
```
3. Then navigate in your browser to: (http://localhost:8080/WebGoat) 3. Then navigate in your browser to: (http://localhost:8080/WebGoat)
4. If you would like to change the port or other options, use: 4. If you would like to change the port or other options, use:
> java -jar WebGoat-6.0-exec-war.jar --help ```Shell
$ java -jar WebGoat-6.0-exec-war.jar --help
```
# For Developers # For Developers
Follow these instructions if you wish to run Webgoat and modify the source code as well. Follow these instructions if you wish to run Webgoat and modify the source code as well.
**Prerequisites:** **Prerequisites:**
/
* Java >= 1.6 ( JDK 1.7 recommended ) * Java >= 1.6 ( JDK 1.7 recommended )
* Maven > 2.0.9 * Maven > 2.0.9
* Your favorite IDE, with Maven awareness: Netbeans/IntelliJ/Eclipse with m2e installed. * Your favorite IDE, with Maven awareness: Netbeans/IntelliJ/Eclipse with m2e installed.
* Git, or Git support in your IDE * Git, or Git support in your IDE
**Note:** WebGoat source code can be downloaded at: (https://github.com/WebGoat/WebGoat). **Note:** WebGoat source code can be downloaded at: (https://github.com/WebGoat/WebGoat).
@ -74,38 +84,42 @@ Follow these instructions if you wish to run Webgoat and modify the source code
Using a command shell/window: Using a command shell/window:
> mvn clean package ```Shell
$ mvn clean package
Before you can run the project you need to build some lessons. First clone https://github.com/WebGoat/WebGoat-Lessons and run: ```
> cd WebGoat-Lessons Before you can run the project you need to build some lessons first clone https://github.com/WebGoat/WebGoat-Lessons and run:
> mvn package
Now copy the lessons into the WebGoat plugin_lessons folder:
> cp target/plugins/*.jar WebGoat/webgoat-container/target/webgoat-container-6.1.0/plugin_lessons/ ```Shell
$ cd WebGoat-Lessons
$ mvn package
$ cp target/plugins/*.jar WebGoat/webgoat-container/target/webgoat-container-6.1.0/plugin_lessons/
```
Then you can run the project with one of the steps below (From the WebGoat folder not WebGoat-Lessons): Then you can run the project with one of the steps below (From the WebGoat folder not WebGoat-Lessons):
1. Maven-Tomcat Plugin 1. Maven-Tomcat Plugin
using a command shell/window: using a command shell/window:
> mvn -pl webgoat-container tomcat7:run-war ```Shell
$ mvn -pl webgoat-container tomcat7:run-war
Browse to http://localhost:8080/WebGoat ```
Browse to http://localhost:8080/WebGoat
Maven will run the project in an embedded tomcat. Maven will run the project in an embedded tomcat.
2. Java JAR 2. Java JAR
the package phase also builds an executable jar file. You can run it using: the package phase also builds an executable jar file. You can run it using:
> cd webgoat-container/target ```Shell
> java -jar WebGoat-6.0-exec-war.jar $ cd target
$ java -jar WebGoat-6.0-exec-war.jar http://localhost:8080/WebGoat
```
Browse to http://localhost:8080/WebGoat Browse to http://localhost:8080/WebGoat
3. The package phase also builds a war file. You can deploy it using: 3. Tomcat the package phase also builds a war file. You can deploy it using:
> cp target/WebGoat-6.0-exec-war.war <tomcat>/webapps/ ```Shell
$ cp target/WebGoat-6.0-exec-war.war <tomcat>/webapps/
```