dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,325 Commits 11 Branches 78 Tags
Commit Graph

99 Commits

Author SHA1 Message Date
René Zubcevic
089952e9ad quiz fix for CIA, SQL Injection Advanced and XSS + XSS description 
change in alert(document.cookie)
 2020-04-17 15:33:26 +02:00
Nanne Baars
6c25cf8e43 Add path traversal lesson 2020-03-10 08:03:48 +01:00
August Detlefsen
208aa42fdb
relax detection regex (#757) 
Allow for content before and after the script; Allow optional semicolon
 2020-02-20 20:00:07 +01:00
René Zubcevic
4e371b63d0
suppressing some useless log messages and banners in unit tests (#752) 
* suppressing some useless log messages and banners in unit tests

* some more log suppressed
 2020-01-25 12:11:45 +01:00
Nanne Baars
5dd6b31905 Adjust lesson template (#704) 
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
 2019-11-17 13:39:56 +01:00
Nanne Baars
f40b6ffd31 Moving back to snapshot 2019-11-13 12:27:26 +01:00
Nanne Baars
fe2ac1b8d4 New release, updating pom.xml 2019-11-12 09:22:45 +01:00
Nanne Baars
1a83e2825e Code style (#696) 
* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
 2019-11-03 18:11:09 +01:00
Nanne Baars
d73875e8e8 Remove empty line 2019-10-30 08:28:14 +01:00
Rene Zubcevic
8d7142e6d3 upgrade ascii doc with support for link in new tab 2019-10-15 13:55:34 +02:00
René Zubcevic
0319c477b1
XSS lesson completion fixes (#669) 
* XSS lesson completion fixes

* removed log all

* lesson progress capable of deprecated assignments in the database

* fixed unit test for lesson progress
 2019-09-29 14:46:18 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Nanne Baars
f774364461 Working unit tests 2019-09-13 20:05:25 +02:00
Jacob Skiba
7d9f24c86b
Update CrossSiteScripting_content9.adoc 
Fix broken resource link
 2019-08-06 05:26:05 -04:00
Nanne Baars
216b29fca2 Clean up in pom files 2019-07-24 20:37:32 +02:00
Nanne Baars
98537426f2 SNAPSHOT version 2019-05-03 11:15:11 +02:00
Nanne Baars
9b0c4e62c2 New release, updating pom.xml 2019-05-03 09:50:01 +02:00
Rene Zubcevic
4bafc19883 fixed classcast exception on randValue 2019-04-21 13:59:26 +02:00
Rene Zubcevic
48d926491f removed possible NullpointerException and System.out 2019-04-21 13:59:26 +02:00
Marvin Schöning
b8e68d13b8 implement xss (mitigation) assignment 6 2019-03-26 08:43:38 +01:00
Timur Linden
53c16c8b82 fixed minor spelling mistakes, unified wording 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
2be2de8ce1 Added improved quiz for cia-triad and xss 2019-03-26 08:43:38 +01:00
Timur Linden
e8caeedf53 implemented xss-quiz 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
84f67b5a7e changed order of xss mitigation lesson 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
8c7eaf87d6 Fixed package of xss-mititgation assignment. Hints are working again. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
587c44b52e Removed unused imports. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
1d9abef80f Page after assignment working again. 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
2f39f48747 deleted unnecessary lines 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
387a0e8e7d assignment now has working feedback 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
0bd14d9178 (wrong branch) updated assignment (OWASP Java Encoder) and hints (still not shown) 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
06a8bd8b0e Strength bar 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
8bc91ba4ec finished assignment 2019-03-26 08:43:38 +01:00
Bene-Notebook
cfce7763f0 Outcommented lines in XSS Lessons 3 that were causing erros 2019-03-26 08:43:38 +01:00
Philippe Steinbach
63502d6328 added jsoup html parser 2019-03-26 08:43:38 +01:00
Philippe Steinbach
971062561d renamed hints 2019-03-26 08:43:38 +01:00
Philippe Steinbach
e7b69c4953 edited table of relevant special chars (\' not recommended because its not in the HTML spec) 2019-03-26 08:43:38 +01:00
Philippe Steinbach
8944bfcc1d implemented xss mitigation assignment 1, draft validation without parser 2019-03-26 08:43:38 +01:00
Philippe Steinbach
6327b82204 ace editor text as request parameter 2019-03-26 08:43:38 +01:00
Philippe Steinbach
f209c424b4 mitigation preparations 2019-03-26 08:43:38 +01:00
Philippe Steinbach
73c2313658 added assignment draft (not working yet) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
eb29ed00ff Removed old unused files from XSS 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
58dc5d2d41 Removed unneccessary comments from html documents. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
600c6203ef Changed the lesson plans of all the XSS lessons. 2019-03-26 08:43:38 +01:00
Max Geldner
2ee3b22207 Reworked some XSS assignments 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
990bf079d3 Added hints for dom-based xss assignment (part 2) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
362671e67e Added hints for dom-based xss assignment (part 1) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
46f92dad3b Added hints for Reflected XSS assignment. 2019-03-26 08:43:38 +01:00
Bene-Notebook
2962ddbb3e Restructured XSS category. Updated gitignore to ignore TestClass.class. 2019-03-26 08:43:38 +01:00
Nanne Baars
bd86dc6ee0 SNAPSHOT version 2019-02-09 18:20:08 +01:00