dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,570 Commits 11 Branches 78 Tags
Commit Graph

672 Commits

Author SHA1 Message Date
Gerard de Leeuw
e094dd6d14 Typo's 2017-03-31 12:06:45 +02:00
Nanne Baars
259fd19c1b - Introduced user registration 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
 2017-03-22 11:35:14 +01:00
Nanne Baars
9b86aaba05 Adding challenge 2017-03-22 00:09:17 +01:00
hillstonenet-interns-bj
ad3e9439ec [fix] SQLi Lessons 6a-b: lesson passed's boolean 2017-03-03 17:19:33 +01:00
hillstonenet-interns-bj
f5c3610aba [fix] path in HttpProxies html file was wrong 2017-03-02 21:34:31 +01:00
Nanne Baars
f71d02fc6a Merge branch 'develop' into develop 2017-03-02 21:24:09 +01:00
Nanne Baars
2d6235e4f0 Provide Server-side service to support UI localization #265 
- Now also enabled for adoc
 2017-03-02 21:17:21 +01:00
Jason White
153dc57731 Basic solutions cheat file for now 2017-02-17 16:18:57 -05:00
Jason White
3193b591d8 commenting out latter part of XSS for now 2017-02-17 16:18:36 -05:00
Jason White
ac6e8b59b7 XSS updates 2017-02-17 15:59:38 -05:00
Jason White
d99a1d8448 temp. dep. mgmt resolution 2017-02-17 14:53:23 -05:00
Jason White
7f532f0ffc XSS lesson updates 2017-02-17 13:05:54 -05:00
mayhew64
0de569339c Cleanup of vulnerable components 2017-02-08 11:37:11 -05:00
mayhew64
27947cca96 Fixed the SQL Injection to return results upon success 2017-02-08 00:01:44 -05:00
mayhew64
33e807797c Xstream RCE works now 2017-02-07 23:51:05 -05:00
Nanne Baars
65d728dfff Solved issue with POST in vulnerable components lesson 2017-02-07 23:49:26 +01:00
Nanne Baars
8d3b028acc Solved issue with POST in vulnerable components lesson 2017-02-07 23:38:57 +01:00
mayhew64
a00546638a Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-07 16:06:45 -05:00
mayhew64
b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty 2017-02-07 16:05:30 -05:00
Jason White
40844bd823 #319 updated content for proxy 2017-02-07 18:13:27 +01:00
mayhew64
85ef7ee1a4 Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-06 09:19:29 -05:00
Nanne Baars
d25700434e Added tests for assignments 2017-01-31 23:28:59 +01:00
Nanne Baars
ee5a12d205 Provide Server-side service to support UI localization #265 (#322) 
merging
 2017-01-31 11:52:33 -05:00
mayhew64
fbd37b39bd Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-01-28 11:05:16 -05:00
mayhew64
ef3779ec13 Draft Vuln components 2017-01-28 11:05:09 -05:00
mayhew64
a564ff2038 adding in Vulnerable Components lesson 2017-01-28 10:59:44 -05:00
Jason White
2b31a19143 #319 2017-01-27 15:39:31 -05:00
Jason White
264f7e74b6 Minor clean up in assignment endpoint 2017-01-25 14:56:20 -05:00
Jason White
f7ec164601 Adding request intercept assignment 2017-01-25 14:56:20 -05:00
Jason White
ac16342c17 #315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor 2017-01-25 17:46:31 +01:00
Nanne Baars
0779f7a3d0 Hints per lesson (#314) 
Squashing and merging ...

* Each assigment should have the options to have its own set of hints #278

* Updating lessons due to changes from #278

* Enable i18n client side #312

* IDOR move hints to assignment and enable i18n #312
 2017-01-24 09:34:06 -05:00
Nanne Baars
6d727b98e3 Create IDOR lesson #304 
- Fix put mapping
 2017-01-18 20:50:37 +01:00
Jason White
4e9b30d7f6 #304 incremental addition for IDOR, still experiencing 400 with PUT method 2017-01-09 14:02:00 -05:00
Jason White
fe4f568fc0 #304 update to IDOR. Still experiencing 400 on EditOwnProfile endpoint 2017-01-06 13:04:03 -05:00
Jason White
0a41b2813d #304 ... trying to fix prev. commit 2017-01-06 08:06:49 -05:00
Jason White
65eaa934ea Initial/partial commit of IDOR lesson 2017-01-05 17:30:53 -05:00
Nanne Baars
9c03b6f63b #276 Automatic lesson summary page 
- Basic overview of all the assignments needed to be solved in a lesson
 - Clicking on a link will jump to the correct page with the assignment
 - Lesson completed also updates lesson overview immediately
 2016-12-28 10:14:34 +01:00
Jason White
282073ed2d Adding ZAP content for HTTP Basics 2016-12-22 16:37:57 -05:00
Mario Zupan
6fa894938b Issue #275: Activate Syntax Highlighting with Coderay in Asciidoc templates 2016-12-15 17:37:30 +01:00
Nanne Baars
b8b632905d Fixing failing unit test 2016-12-08 22:06:21 +01:00
Nanne Baars
1a854a500e Lesson overview 2016-11-29 20:27:54 +01:00
Jason White
e183c8d8b3 implementing support for dom xss 2016-11-23 17:25:47 -05:00
Nanne Baars
5347311319 XXE last assignment completely working 2016-11-23 17:09:35 +01:00
Nanne Baars
c80bfcbc2f First checkin for CSRF 
(cherry picked from commit a01a767)
 2016-11-23 17:09:35 +01:00
Jason White
4940a12d0d button size fix 2016-11-22 16:25:19 -05:00
mayhew64
32d1009390 Reflected xss working - still have to think how to get the success criteria. Page needs some work though 2016-11-21 23:09:58 -05:00
Bruce Mayhew
edaadecc38 Merge pull request #286 from WebGoat/feature/spring-boot 
First draft at XSS
 2016-11-21 18:37:53 -05:00
Jason White
2647722842 fixing typo 2016-11-21 13:50:21 -05:00
mayhew64
95607089d4 First draft at XSS 2016-11-21 13:39:43 -05:00
Nanne Baars
f2a114419a XXE checkin 2016-11-18 10:39:39 +01:00