dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,268 Commits 11 Branches 78 Tags
Commit Graph

239 Commits

Author SHA1 Message Date
Nanne Baars
1a83e2825e Code style (#696) 
* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
 2019-11-03 18:11:09 +01:00
Nanne Baars
710adfae20 Upgrade to latest Spring Boot version 2019-10-30 08:28:14 +01:00
Nanne Baars
689e3de7a4 Final changes for splitting SQL WebGoat and lessons 2019-10-30 08:28:14 +01:00
Nanne Baars
25dae3a4a8 Fix merge request 2019-10-30 08:28:14 +01:00
Rene Zubcevic
1f00d461a8 cleaned logs and changed username length for csrf-uuid 2019-10-15 13:59:18 +02:00
Rene Zubcevic
8d7142e6d3 upgrade ascii doc with support for link in new tab 2019-10-15 13:55:34 +02:00
René Zubcevic
663224d06a
xxe path info (#670) 
* xxe path info aid added

* xxe path info aid added

*  changes to template file and hints

* added ssl test support for XXE

* added ssl test support for XXE

* restconfig replaced by httpsrelaxed

* processed review comments on hints and example
 2019-10-02 09:59:32 +02:00
René Zubcevic
0319c477b1
XSS lesson completion fixes (#669) 
* XSS lesson completion fixes

* removed log all

* lesson progress capable of deprecated assignments in the database

* fixed unit test for lesson progress
 2019-09-29 14:46:18 +02:00
Nanne Baars
d080b3ef06 Review comment 2019-09-24 07:36:49 +02:00
Nanne Baars
261f947777 Fix 2019-09-20 17:45:33 +02:00
Nanne Baars
c8ef848657 Fix 2019-09-20 17:36:15 +02:00
Nanne Baars
6fe5831f11 FIx? 2019-09-20 16:46:26 +02:00
Nanne Baars
cf00454f8b Testing issue 2019-09-20 08:30:07 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Nanne Baars
dceb375d5e WIP 2019-09-13 18:57:40 +02:00
Nanne Baars
361249c666 First attempt at moving to Spring Boot 2 2019-09-12 17:22:03 +02:00
Nanne Baars
2283f945a9 Fix failing configuration 2019-08-25 17:53:36 +02:00
Nanne Baars
ff530e926e Use separate project for integration tests so we can start WebGoat and WebWolf 2019-08-25 17:43:14 +02:00
TortugaAttack
f0d1555a09 Fixed #45 - multiple tracker for one user fixed 2019-08-21 23:38:27 +02:00
Nanne Baars
e61c943f97 #601 bug: username is case sensitive, but email in general is not 
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
 2019-07-28 20:48:20 +02:00
René Zubcevic
ae674b9297
Merge pull request #620 from zubcevic/july2019-bugfixes 
increased sql form fields and fixed chrome progress
 2019-07-25 08:39:34 +02:00
Nanne Baars
216b29fca2 Clean up in pom files 2019-07-24 20:37:32 +02:00
Rene Zubcevic
ea38973068 UTF-8 config added for ThymeLeaf 2019-07-22 08:21:34 +02:00
Rene Zubcevic
63a1097466 owasp categories 2019-07-14 12:38:11 +02:00
Rene Zubcevic
e57c9d05b6 added checkbox and corrected fall back for the other labels 2019-04-21 14:10:01 +02:00
Max Geldner
b02a01d35e squash 2019-03-26 08:43:38 +01:00
Max Geldner
6d974b5fa8 Fixed lesson sorting issue 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
1bcddaf710 Reworked and polished assignment 8 and 9 (C and I) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
6fe7582dfb Added an assignment for compromising availability to the sql injections (introduction). 
WIP
 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
75b1895122 Added a new lessons for sql injections on "Compromising confidentiality with String SQL Injection" 2019-03-26 08:43:38 +01:00
Rene Zubcevic
6e36cc1ea4 removed unnecessary interceptors 2019-03-26 08:37:47 +01:00
Rene Zubcevic
1c2648e0a9 disable the fallback to the system locale to fix unit test and establish the desired behaviour 2019-03-26 08:37:47 +01:00
Nanne Baars
ed490a5ecf Fix for #545 
Introduced new macro to make a clear distinction between /WebWolf with
context root and without.
 2019-01-16 11:07:30 +01:00
misfir3
844808bfa7
Merge pull request #485 from matthias-g/fixSQLInjection 
Fix sql injection
 2018-06-13 18:41:05 -06:00
Matthias Grundmann
1d2575a211 Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476 2018-06-13 11:38:33 +02:00
Matthias Grundmann
56fc983414
Update database layout so that proposed solution works 2018-06-12 17:40:28 +02:00
Nanne Baars
fc2c99bcb4 Limit the username to letters and digits only 2018-05-29 16:16:52 +02:00
Nanne Baars
60ef35e241 Working lesson 2018-05-23 14:28:19 +02:00
Nanne Baars
9d7886d572 More JWT work 2018-05-23 14:28:19 +02:00
Nanne Baars
ea9c1a453d Initial version for JWT 2018-05-23 14:28:19 +02:00
Jose Selvi
84860e65f6 Insecure Deserialization exercise 2018-05-23 13:58:03 +02:00
Nanne Baars
8050a2b56d XXE lesson not showing correct link for WebWolf 2018-05-01 21:54:28 +02:00
Nanne Baars
e4ca0c4836 Make report working again 2018-04-27 19:26:01 +02:00
Nanne Baars
e422da4c64 Polling for lesson updates (updates the menu and page navigation) 2018-04-27 18:50:13 +02:00
Nanne Baars
245ba2c3d1 Fix XXE lesson, the exact .webgoat directory including version number will be put in the lesson. 2018-04-24 20:44:05 +02:00
Nanne Baars
672d78eebc Resource bundle in UTF-8 2018-04-23 16:12:50 +02:00
nbaars
b99b554522 Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432 2018-01-29 15:29:48 +01:00
nbaars
ee11381a63 Fixed database issue mappings 2018-01-21 17:13:28 +01:00
nbaars
2cc6c232e2 Added macro for asciidoc to produce the WebWolf link dynamically depending on configuration 2018-01-15 20:56:59 +01:00