dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

* Hints added

Browse Source 
* Solutions added
* Bugfixes
* Introduction added (including how to start with webgoat and useful tools)
* New lesson: Password strength
* New lessons: Multi Level Login
* Not yet working new lesson: Session fixation (inital release)

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@301 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel
2008-04-07 14:28:38 +00:00
parent 84f01ba70a
commit 5d930ec235
137 changed files with 4230 additions and 479 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
main/project/WebContent/lesson_plans/UsefulTools.html Normal file
View File

@ -0,0 +1,28 @@
<div align="Center">
<p><b>Lesson Plan Title:</b> Useful Toolst </p>
</div>
<p><b>Concept / Topic To Teach:</b> </p>
<!-- Start Instructions -->
Here we want to present you some useful tools. You will need WebScarab to solve most of the lessons. <br><br>
<b>WebScarab:</b><br><br>
As WebGoat, WebScarab is a part of OWASP. WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. Because WebScarab operates as an intercepting proxy, we can review and modify requests and responses.<br><br>
<img src="/WebGoat/images/introduction/webscarab.jpg"><br><br>
Webpage:<a href="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project">http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project</a>
<br><br>
<b>Firebug:</b><br><br>
Firebug is an add-on for the Firefox browser. We can use it to inspect, edit and monitor CSS, HTML and JavaScript.<br><br>
<img src="/WebGoat/images/introduction/firebug.jpg"><br><br>
Webpage:<a href="http://www.getfirebug.com" target="_blank">http://www.getfirebug.com</a>
<br><br>
<b>IEWatch:</b><br><br>
IEWatch is a tool to analyse HTTP and HTML for users of the Internet Explorer.<br><br>
<img src="/WebGoat/images/introduction/iewatch.jpg"><br><br>
Webpage:<a href="http://www.iewatch.com" target="_blank">http://www.iewatch.com</a>
<br><br>
<b>Scanner:</b><br><br>
There exist a lot of vulnerability scanner for your own web applications. They can find XSS, Injection Flaws and other vulnerabilities. Here the links to two open source scanner. <br><br>
Nessus:<a href="http://www.nessus.org" target="_blank">http://www.nessus.org</a><br>
Paros:<a href="http://www.parosproxy.org" target="_blank">http://www.parosproxy.org</a><br>
<!-- Stop Instructions -->
<br>