Spoofing an Authentication Cookie lesson

2021-08-08 23:30:05 +02:00
parent a4218b0016
commit 8e567b0f86
17 changed files with 875 additions and 1 deletions
--- a/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Category.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Category.java
@ -48,6 +48,7 @@ public enum Category {
    XSS("(A7) Cross-Site Scripting (XSS)", 307),
    INSECURE_DESERIALIZATION("(A8) Insecure Deserialization", 308),
    VULNERABLE_COMPONENTS("(A9) Vulnerable Components", 309),
+    SESSION_MANAGEMENT("(A10) Session Management Flaws", 310),
    
    REQUEST_FORGERIES("(A8:2013) Request Forgeries", 318),

@ -66,7 +67,6 @@ public enum Category {
    DOS("Denial of Service", 1500),
    MALICIOUS_EXECUTION("Malicious Execution", 1600),
    CLIENT_SIDE("Client side", 1700),
-    SESSION_MANAGEMENT("Session Management Flaws", 1800),
    WEB_SERVICES("Web Services", 1900),
    ADMIN_FUNCTIONS("Admin Functions", 2000),
    CHALLENGE("Challenges", 3000);