dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactored files to Maven standard Layout

Browse Source 
Added plugin to produce executable jar. Now it is easy to run webgoat on all platforms.
This commit is contained in:
Dave
2014-08-23 13:07:10 -04:00
parent 5b2a849322
commit a387d06a34
1261 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/main/webapp/lesson_plans/English/TraceXSS.html Normal file
View File

@ -0,0 +1,9 @@
<div align="Center">
<p><b>Lesson Plan Title:</b> How to Perform Cross Site Tracing (XST) Attacks </p>
</div>
<p><b>Concept / Topic To Teach:</b> </p>
<!-- Start Instructions -->
It is always a good practice to scrub all input, especially those inputs that will later be used as parameters to OS commands, scripts, and database queries. It is particularly important for content that will be permanently stored somewhere in the application. Users should not be able to create message content that could cause another user to load an undesireable page or undesireable content when the user's message is retrieved.
<p><b>General Goal(s):</b> </p>
Tomcat is configured to support the HTTP TRACE command. Your goal is to perform a Cross Site Tracing (XST) attack.
<!-- Stop Instructions -->