diff --git a/README.md b/README.md index a5538a40a..8990a816d 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ docker run -it -p 127.0.0.1:8080:8080 -p 127.0.0.1:9090:9090 -e TZ=Europe/Amster ## 2. Standalone -Download the latest WebGoat and WebWolf release from [https://github.com/WebGoat/WebGoat/releases](https://github.com/WebGoat/WebGoat/releases) +Download the latest WebGoat release from [https://github.com/WebGoat/WebGoat/releases](https://github.com/WebGoat/WebGoat/releases) ```shell java -Dfile.encoding=UTF-8 -jar webgoat-8.2.3.jar diff --git a/src/main/resources/lessons/webwolf_introduction/documentation/IntroductionWebWolf.adoc b/src/main/resources/lessons/webwolf_introduction/documentation/IntroductionWebWolf.adoc index b29ae401a..a71cb1a66 100644 --- a/src/main/resources/lessons/webwolf_introduction/documentation/IntroductionWebWolf.adoc +++ b/src/main/resources/lessons/webwolf_introduction/documentation/IntroductionWebWolf.adoc @@ -1,8 +1,7 @@ == Introducing WebWolf You only need WebWolf if a lesson specifies you can use it. For a lot of lessons you use WebGoat without -starting WebWolf. If you need to do an exercise with WebWolf make sure it is running alongside WebGoat. Lessons -where you can use WebWolf are marked with the following icon (top right in assignment): +starting WebWolf. Lessons where you can use WebWolf are marked with the following icon (top right in assignment): {nbsp} @@ -13,7 +12,7 @@ image::images/wolf-enabled.png[width=115,height=128] Even if the icon is present, you are not obliged to use WebWolf, you can also use any intercepting tool you like. (`netcat` etc.) -WebWolf is a separate web application which simulates an attacker's machine. It makes it possible for us to +WebWolf opens in a new browser tab and is a separate web application which simulates an attacker's machine. It makes it possible for us to make a clear distinction between what takes place on the attacked website and the actions you need to do as an "attacker". WebWolf was introduced after a couple of workshops where we received feedback that there was no clear distinction between what was part of the "attackers" role and what was part of the "users" role on the @@ -23,18 +22,3 @@ website. The following items are supported in WebWolf: * Receiving email * Landing page for incoming requests -WebWolf runs as a separate web application. If you are using the Docker-compose file you can just point your browser webWolfLink:here[] to open WebWolf. -If you want to use the standalone version, you will need to download the jar file and start it: - -``` -java -jar webwolf-<>.jar [--server.port=9090] [--server.address=localhost] -``` - -By default WebWolf starts on port 9090 with `--server.port` you can specify a different port. With `server.address` you -can bind it to a different address (default localhost) - -Note: if you start WebGoat as standalone application you need to start WebWolf as standalone application as well. - - -This will start the application on port 9090, click webWolfLink:here[] to open WebWolf. -The first thing you need to do is login with the user you registered on WebGoat.