dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,941 Commits 11 Branches 78 Tags
Commit Graph

280 Commits

Author SHA1 Message Date
Nanne Baars
12123ef13b Merge branch 'release/v8.0.0.M18' 2018-06-20 16:32:31 +02:00
Matthias Grundmann
c7da546249 Improve text for lesson about CSRF login 2018-06-16 17:52:18 +02:00
misfir3
a41ff0083c
Merge pull request #479 from misfir3/develop 
Recent updates, including Missing Function AC content & patch for Vuln Components Lesson
 2018-06-13 18:44:09 -06:00
misfir3
701a99cf8f
Merge pull request #487 from matthias-g/xssFixes 
Small lesson improvements
 2018-06-13 18:42:14 -06:00
misfir3
844808bfa7
Merge pull request #485 from matthias-g/fixSQLInjection 
Fix sql injection
 2018-06-13 18:41:05 -06:00
Matthias Grundmann
81aac93dfe
Usage base64 encoded password as expected by JJWT 2018-06-13 17:58:52 +02:00
Matthias Grundmann
e5ec2c1ee0
Fix html attribute 2018-06-13 17:56:57 +02:00
Matthias Grundmann
b0fbeaff2c
This improves the text of the lesson about XSS 2018-06-13 17:56:23 +02:00
Matthias Grundmann
b47bb96534
Update changed password in tests 2018-06-13 16:11:28 +02:00
Matthias Grundmann
3b9b695ef1 Check host header instead of origin which might not be present #475 2018-06-13 11:38:33 +02:00
Matthias Grundmann
56fc983414
Update database layout so that proposed solution works 2018-06-12 17:40:28 +02:00
Matthias Grundmann
268adbcf7e
Move assignments to correct package so that hints are shown 2018-06-12 17:40:28 +02:00
Matthias Grundmann
f383454440 Fix spelling in JWT lesson 2018-06-12 11:02:51 +02:00
Matthias Grundmann
a7b82985d4 Fix usage of JJWT API which expects base64 encoded strings as key 2018-06-12 11:01:23 +02:00
Matthias Grundmann
3d282e163c Show newest comments first 
This prevents new comments from not being displayed after a comment containing invalid html has been posted.
 2018-06-12 10:54:13 +02:00
Matthias Grundmann
7068c84c6a Fix parameter in url and some spelling 2018-06-12 10:54:13 +02:00
Jason
1734170e9e updates to missing function ac lesson 2018-06-04 16:53:13 -06:00
Nanne Baars
26aa72e721 New release 2018-05-30 20:54:13 +02:00
Nanne Baars
c510bd9bf1 New develop version 2018-05-30 20:37:25 +02:00
Nanne Baars
c7a714a590 Move to next release 2018-05-30 17:05:50 +02:00
Nanne Baars
93620f148b Remove challenges which are also incorporated in the lessons themselves 2018-05-30 16:46:50 +02:00
Nanne Baars
ecb7688e08 Update to new version for develop 
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
 2018-05-30 13:17:05 +02:00
Nanne Baars
4691bc5fd5 Extended proxy lesson with Edit and Resend and explained how to exclude WebGoat internal calls from proxying 2018-05-29 21:30:13 +02:00
MaDuck
9587550bc5 Fixed column name on sql injection lesson 7 2018-05-29 14:42:22 +02:00
MaDuck
9a0995dae5 Fixed column name on sql injection lesson 6 2018-05-29 14:42:02 +02:00
Nanne Baars
4e07e0ebfa Fix links to open new browser tab 2018-05-29 14:04:33 +02:00
Nanne Baars
6e95fdfe56 Adjusted documentation 2018-05-29 13:33:52 +02:00
Nanne Baars
e045bc692d Buying page also calculates the prices 
Product image added
 2018-05-29 12:47:27 +02:00
Nanne Baars
589872ad47 Fix for JWT assignment 1 log in now works again. 
Reset button only triggers reset when admin is set to true in the token
 2018-05-29 11:20:40 +02:00
Nanne Baars
5f4889cefe Clicking link in first password reset link only switched back and forward 2018-05-29 09:29:50 +02:00
Nanne Baars
55793dd153 New release v8.0.0.M15 2018-05-27 20:54:50 +02:00
Nanne Baars
1edceb0aa8 Extended and fixed some lessons 2018-05-27 20:37:44 +02:00
Nanne Baars
d2b6725f3b Moved challenge2 to client-side-filtering as final assignment 2018-05-27 12:41:52 +02:00
Nanne Baars
6e003bc088 Working last password assignment 2018-05-26 18:48:48 +02:00
Nanne Baars
f8a7a61e85 New lesson working 2018-05-26 15:09:18 +02:00
Nanne Baars
eaf68d38c5 Initial commit for password reset lesson 2018-05-25 14:27:45 +02:00
Nanne Baars
8d7ecb19d7 Added testcases for all JWT endpoints 2018-05-23 14:28:19 +02:00
Nanne Baars
e0cf5b4a84 Removed under construction from JWT lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
5b524d3a94 Added more unit tests 2018-05-23 14:28:19 +02:00
Nanne Baars
dda6f674a3 Last assignment for JWT tokens finished 2018-05-23 14:28:19 +02:00
Nanne Baars
e06d4642eb Fix error in testcase 2018-05-23 14:28:19 +02:00
Nanne Baars
4a8fdcf887 Fix content-type for login (gives error in console of browser) 2018-05-23 14:28:19 +02:00
Nanne Baars
fd96ba18f1 Added test cases for solving the lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
60ef35e241 Working lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
9d7886d572 More JWT work 2018-05-23 14:28:19 +02:00
Nanne Baars
7a0820bf89 WIP 2018-05-23 14:28:19 +02:00
Nanne Baars
ea9c1a453d Initial version for JWT 2018-05-23 14:28:19 +02:00
Nanne Baars
5378d72600 Change version in pom.xml 2018-05-23 14:04:21 +02:00
Jose Selvi
93d6d0e6b7 Added lesson texts 2018-05-23 13:58:37 +02:00
Jose Selvi
84860e65f6 Insecure Deserialization exercise 2018-05-23 13:58:03 +02:00