dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,259 Commits 11 Branches 78 Tags
Commit Graph

511 Commits

Author SHA1 Message Date
Nanne Baars
25dae3a4a8 Fix merge request 2019-10-30 08:28:14 +01:00
Nanne Baars
d73875e8e8 Remove empty line 2019-10-30 08:28:14 +01:00
Nanne Baars
e783c0c1f1 SQL: Cannot use apostrophe/quotes on string literals #662 2019-10-30 08:28:14 +01:00
Nanne Baars
96d11697d4 SQL Injection lesson 6 minor mistakes in examples #663 2019-10-30 08:28:14 +01:00
Nanne Baars
a0933d83d5 Reworked all the SQL statements to be uppercase 2019-10-30 08:28:14 +01:00
Cotonne
9fdbbf69d6 Proposition for fixing broken/improving links (#686) 
* As stated on enzoic.com: "PasswordPing is now Enzoic!"

* Add references to other OWASP resources
 2019-10-16 17:29:27 +02:00
Rene Zubcevic
6dc679e7b8 final tests and fixed the issue of getting the name of the loggedinuser 2019-10-15 13:59:18 +02:00
Rene Zubcevic
00873cfe3f csrf7 test cases added 2019-10-15 13:59:18 +02:00
Rene Zubcevic
e932253f06 initial test cases added 2019-10-15 13:59:18 +02:00
Rene Zubcevic
8d7142e6d3 upgrade ascii doc with support for link in new tab 2019-10-15 13:55:34 +02:00
René Zubcevic
e0ac4a1083
lessons in correct order and scoreboard visible again (#680) 2019-10-10 09:45:43 +02:00
René Zubcevic
f140875156
fixed views for password reset (#679) 2019-10-10 07:50:47 +02:00
René Zubcevic
18d43f16d3
working version with fixed link and GET for tracing purposes (#677) 
* working version with fixed link and GET for tracing purposes

* added integration test

* filter on request log
 2019-10-09 09:58:35 +02:00
Atharva Vaidya
aee4b74202 Update Receiving_mail.adoc (#676) 2019-10-03 18:22:54 +02:00
Choe Hyeong Jin
b481ed70e8 Fix typo in SQL Injection(Introduction) (#675) 
Fix typo `date` to `data` which seems more appropriate in context.
 2019-10-03 10:01:35 +02:00
René Zubcevic
fd7fb4cfbc
seems that we forgot about this one in the spring-boot-2 upgrade (#674) 2019-10-02 14:52:21 +02:00
René Zubcevic
663224d06a
xxe path info (#670) 
* xxe path info aid added

* xxe path info aid added

*  changes to template file and hints

* added ssl test support for XXE

* added ssl test support for XXE

* restconfig replaced by httpsrelaxed

* processed review comments on hints and example
 2019-10-02 09:59:32 +02:00
René Zubcevic
7536770769
deserialization made solvable again (#673) 
* first objects and unit tests for making a fix for the lesson

* example added

* unit test for windows and linux

* added unit tests hints and feedbacks and updated lesson pages

* small typo correction
 2019-10-02 08:26:48 +02:00
René Zubcevic
6c14f4987c Update IntroductionWebWolf.adoc 
use aangepast in gebruiker
 2019-10-02 07:55:57 +02:00
Rene Zubcevic
3d38ed7680 some text change 2019-10-02 07:55:57 +02:00
Rene Zubcevic
1a11702979 NL intro 2019-10-02 07:55:57 +02:00
René Zubcevic
0319c477b1
XSS lesson completion fixes (#669) 
* XSS lesson completion fixes

* removed log all

* lesson progress capable of deprecated assignments in the database

* fixed unit test for lesson progress
 2019-09-29 14:46:18 +02:00
Pei Hsuan Hung
9b906a2a29 Fix typo in XXE lesson 2019-09-25 00:37:36 +08:00
Nanne Baars
dad9c75ee0 Fix tests after updating from develop, changes applied for migrating to Spring Boot 2 2019-09-23 17:35:04 +02:00
Nanne Baars
35c1305ce9 Merge conflicts resolved 2019-09-23 07:34:27 +02:00
Nanne Baars
261f947777 Fix 2019-09-20 17:45:33 +02:00
Nanne Baars
c8ef848657 Fix 2019-09-20 17:36:15 +02:00
Nanne Baars
f29b923eef FIx? 2019-09-20 17:10:58 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
d7a2596670 Update lesson template 2019-09-19 07:54:30 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Rene Zubcevic
ec236a4ff5 First steps in XXE integration tests 2019-09-18 14:48:34 +02:00
Rene Zubcevic
57e6a84cef fixed and improved first two jwt challenges 2019-09-17 18:33:05 +02:00
Nanne Baars
2b01cbcb75 Fixed last tests 2019-09-16 07:43:22 +02:00
Nanne Baars
f774364461 Working unit tests 2019-09-13 20:05:25 +02:00
Nanne Baars
5e6f825e64 WIP 2019-09-13 16:42:13 +02:00
Nanne Baars
361249c666 First attempt at moving to Spring Boot 2 2019-09-12 17:22:03 +02:00
René Zubcevic
fb2e11fe11 fix for complete progress of sql mitigations and integration test 2019-09-10 13:58:58 +02:00
René Zubcevic
6e9a52a05e
Merge pull request #647 from WebGoat/separate_project 
Nice work. I will add some tests for the missing parts in the SQL mitigations (in a separate pull request)
 2019-09-09 14:05:21 +02:00
Nanne Baars
f7c8a271aa Fixed small typos 2019-09-09 13:55:24 +02:00
Nanne Baars
7a4f6e6fd3 Merge branch 'JeffreyWagnerBHN-develop' into develop 2019-09-09 13:54:38 +02:00
ephemeralwaves
aec051a9f1 Fixed minor spelling mistake 2019-09-09 13:41:38 +02:00
Jeffrey Wagner
75a174ff7b Fixed description and grammer 2019-09-06 21:12:55 -04:00
Nanne Baars
ff530e926e Use separate project for integration tests so we can start WebGoat and WebWolf 2019-08-25 17:43:14 +02:00
Matthias Grundmann
139651615e Make lesson csrf-7 stricter (do not allow invalid JSON, e.g. trailing =) 2019-08-22 17:44:52 +02:00
René Zubcevic
924a53c22a fixed sql adv 5 progress and added prove in integration test 2019-08-22 17:44:34 +02:00
René Zubcevic
73553d91d3
Merge pull request #639 from jskiba99/patch-2 
Update CrossSiteScripting_content9.adoc
 2019-08-22 11:14:38 +02:00
Nanne Baars
6d36e7db74 Added new endpoint for POST so it will give feedback to the UI. It now 
ended up in a HTTP/405 which does not give any feedback to the UI
 2019-08-17 13:52:59 +02:00
Nanne Baars
e01c2a35ce Add test case for security question assignment and the tracking is now 
done with a session scoped bean
 2019-08-06 19:04:07 +02:00
Jacob Skiba
7d9f24c86b
Update CrossSiteScripting_content9.adoc 
Fix broken resource link
 2019-08-06 05:26:05 -04:00