dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,860 Commits 11 Branches 78 Tags
Commit Graph

3860 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mayhew64
fd9b60f98e Added some files required to build OWASP release. 
Modified License text and format to reflect GPL license.
Reformatted most of the code.

git-svn-id: http://webgoat.googlecode.com/svn/trunk@60 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-16 14:56:40 +00:00
sherif.fathy
036964495b Fixed comments by Bruce 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@59 4033779f-a91e-0410-96ef-6bf7bf53c507
 2007-01-11 05:14:09 +00:00
sherif.fathy
2fdf823259 Changed BackDoors lessons to be a little bit clearer, added more hints. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@58 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-31 07:35:58 +00:00
sherif.fathy
c469a8b0a1 Fixed HttpSplitting and CSRF per Bruce's requests 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@57 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-31 06:32:32 +00:00
sherif.fathy
ae225126ae Changed CSRF per Bruce's comments 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@56 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-30 17:30:30 +00:00
sherif.fathy
63043b0f34 Modified Silent Transactions and XML Injection lesson per Bruce's comments 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@55 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-30 08:07:48 +00:00
sherif.fathy
ba38b57a44 Modified DOMInjection per Bruce's comments 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@54 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-29 16:43:59 +00:00
sherif.fathy
0429f917bc git-svn-id: http://webgoat.googlecode.com/svn/trunk@53 4033779f-a91e-0410-96ef-6bf7bf53c507 2006-12-29 05:13:24 +00:00
mayhew64
f19330db4b Changed help text 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@52 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-29 05:11:40 +00:00
mayhew64
cd4e6a3b95 Minor nits 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@51 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-29 04:51:37 +00:00
mayhew64
59c2427f0d V5 front page 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@50 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-29 03:59:37 +00:00
sherif.fathy
37c56c748d modified CSRF to add an actual attack 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@49 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-28 16:59:02 +00:00
sherif.fathy
5e061d5bad Added JSONInjection, SilentTransactions 
Modified The install guide

git-svn-id: http://webgoat.googlecode.com/svn/trunk@48 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-28 15:35:10 +00:00
sherif.fathy
af2df52e91 Added Backdoors lesson 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@47 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-25 17:20:01 +00:00
mayhew64
3732cd80af Logo 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@46 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-24 13:44:57 +00:00
mayhew64
05305c0096 replaced by lab properties 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@45 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-24 13:40:23 +00:00
mayhew64
857799f855 Minor syntax cleanup 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@44 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-24 13:38:45 +00:00
mayhew64
a394e58093 Missing Div tag 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@43 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-24 13:34:56 +00:00
mayhew64
159f691b4b Build Procedures 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@42 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-24 13:34:09 +00:00
sherif.fathy
67497f0919 Added a hint in log spoofing instructions for the user to add a script in the log file 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@41 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-23 00:39:18 +00:00
sherif.fathy
7acbacbe61 Added Cache Poisining lesson as a staged lesson to HTTP Splitting lesson. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@40 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-23 00:24:47 +00:00
sherif.fathy
9f76aeb38f More changes to the response splitting lesson plan. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@39 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-22 00:49:29 +00:00
sherif.fathy
1d67443b22 Removed some commented code and added more description to the HTTP Splitting lesson 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@38 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-22 00:20:31 +00:00
sherif.fathy
575d040c24 Added XMLInjection lesson 
Modified DOM Injection lesson
Added gratification to http splitting

git-svn-id: http://webgoat.googlecode.com/svn/trunk@37 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-21 04:39:32 +00:00
sherif.fathy
60d65681ff Renamed XMLInjection to XPATHInjection 
Made some changes to the lesson according to Jeff's comments

git-svn-id: http://webgoat.googlecode.com/svn/trunk@36 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-16 23:38:02 +00:00
sherif.fathy
296254e279 This patch contains the HTTP connector that intercepts the requests to the application and tries to communicate with OSG. 
It also contains the DOM Injection lesson

git-svn-id: http://webgoat.googlecode.com/svn/trunk@35 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-16 22:39:14 +00:00
sherif.fathy
80a2add2d7 - This patch fixes Forced Browsing lesson by removing any custom coding for WebSession and HammerHead.java 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@34 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-04 04:35:04 +00:00
sherif.fathy
51d40b7b22 - Contains the XMLInjection lesson. 
- New files added:
  XMLInjection.html, XMLInjection.java and XMLInjection/EmployeesData.xml

git-svn-id: http://webgoat.googlecode.com/svn/trunk@33 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-12-02 19:45:59 +00:00
sherif.fathy
c2aee8017e git-svn-id: http://webgoat.googlecode.com/svn/trunk@32 4033779f-a91e-0410-96ef-6bf7bf53c507 2006-11-11 22:42:54 +00:00
sherif.fathy
99779ea2e9 Add a new lesson "How to add a new lesson" under new category "New Lessons" 
Modified the existing lessons to present the solution in the last hint

git-svn-id: http://webgoat.googlecode.com/svn/trunk@31 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-11-11 22:41:42 +00:00
mayhew64
e5b3b00b0f General cleanup of warnings, fixed a few method scope issues and incorrect use of static references to categories 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@30 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-11-03 23:55:08 +00:00
sherif.fathy
fae3c3f047 patch to fix a last minute typo and an unwanted import statement 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@29 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-11-03 02:50:12 +00:00
sherif.fathy
6a59cd6e6e git-svn-id: http://webgoat.googlecode.com/svn/trunk@28 4033779f-a91e-0410-96ef-6bf7bf53c507 2006-11-03 01:14:36 +00:00
sherif.fathy
ca2dfa27d1 * Log spoofing lesson this includes the following file: 
- LogSpoofing.html
  - LogSpoofing.java

git-svn-id: http://webgoat.googlecode.com/svn/trunk@27 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-11-01 02:26:51 +00:00
sherif.fathy
1a9d859507 - Updated a comment and removed some unused imports in HttpSplitting.java 
- Added CSRF.html and CSRF.java

git-svn-id: http://webgoat.googlecode.com/svn/trunk@26 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-10-23 01:15:03 +00:00
esheri3
b6256a17f1 Fixed 'Restart Lesson' bug in SoapRequest.java. Successful completion of a lesson resets the function invocation counters. Added HttpOnly lesson with improved browser identification support. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@25 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-10-09 14:28:09 +00:00
sherif.fathy
6916632841 - Added some documentations. 
- Changed some variable names for clarification

git-svn-id: http://webgoat.googlecode.com/svn/trunk@24 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-10-09 00:49:53 +00:00
sherif.fathy
6cc8bed0c7 - Added HTTP lesson together with its lesson plan and goals. 
- Files added:
   HttpSplitting.html
   HttpSplitting.java
   redirect.jsp
- Files Changed:
   webgoat-class.properties
   webgoat-lmc.properties

git-svn-id: http://webgoat.googlecode.com/svn/trunk@23 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-10-08 23:46:34 +00:00
mayhew64
d12bab05a4 Modified instructions to include WTP for eclipse and the tomcat-users merge. 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@22 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 20:17:49 +00:00
mayhew64
39a068987e Moved remotely 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@21 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:48:47 +00:00
mayhew64
d4db50dccd Added items remotely 
C:\p4\depot\WebGoat\J2EE\main\eclipse.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.sh
C:\p4\depot\WebGoat\J2EE\main\webgoat_8080.bat
C:\p4\depot\WebGoat\J2EE\main\webscarab.bat


git-svn-id: http://webgoat.googlecode.com/svn/trunk@20 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:47:43 +00:00
mayhew64
63d34606c0 Added items remotely 
C:\p4\depot\WebGoat\J2EE\main\eclipse.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.sh
C:\p4\depot\WebGoat\J2EE\main\webgoat_8080.bat
C:\p4\depot\WebGoat\J2EE\main\webscarab.bat


git-svn-id: http://webgoat.googlecode.com/svn/trunk@19 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:47:33 +00:00
mayhew64
f300e2f7a5 Added items remotely 
C:\p4\depot\WebGoat\J2EE\main\eclipse.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.sh
C:\p4\depot\WebGoat\J2EE\main\webgoat_8080.bat
C:\p4\depot\WebGoat\J2EE\main\webscarab.bat


git-svn-id: http://webgoat.googlecode.com/svn/trunk@18 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:47:23 +00:00
mayhew64
8161ef4cf3 Added items remotely 
C:\p4\depot\WebGoat\J2EE\main\eclipse.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.sh
C:\p4\depot\WebGoat\J2EE\main\webgoat_8080.bat
C:\p4\depot\WebGoat\J2EE\main\webscarab.bat


git-svn-id: http://webgoat.googlecode.com/svn/trunk@17 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:47:15 +00:00
mayhew64
53582e2b37 Added items remotely 
C:\p4\depot\WebGoat\J2EE\main\eclipse.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.bat
C:\p4\depot\WebGoat\J2EE\main\webgoat.sh
C:\p4\depot\WebGoat\J2EE\main\webgoat_8080.bat
C:\p4\depot\WebGoat\J2EE\main\webscarab.bat


git-svn-id: http://webgoat.googlecode.com/svn/trunk@16 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:47:06 +00:00
mayhew64
98949c00d8 Moved remotely 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@15 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:41:26 +00:00
mayhew64
0465a6d6aa git-svn-id: http://webgoat.googlecode.com/svn/trunk@14 4033779f-a91e-0410-96ef-6bf7bf53c507 2006-09-30 13:40:10 +00:00
mayhew64
703e96efa0 Added items remotely 
C:\p4\depot\WebGoat\J2EE\main\HOW TO create the WebGoat workspace.txt


git-svn-id: http://webgoat.googlecode.com/svn/trunk@13 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:36:17 +00:00
mayhew64
d3ad0b6040 Moved remotely 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@12 4033779f-a91e-0410-96ef-6bf7bf53c507
 2006-09-30 13:34:48 +00:00
mayhew64
275fe04bfe git-svn-id: http://webgoat.googlecode.com/svn/trunk@11 4033779f-a91e-0410-96ef-6bf7bf53c507 2006-09-30 13:30:52 +00:00