dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,364 Commits 11 Branches 78 Tags
Commit Graph

42 Commits

Author SHA1 Message Date
Nanne Baars
39740e069e New release 2020-05-22 14:10:31 +02:00
René Zubcevic
e25f7a7560 clean up and update js 2020-04-08 12:05:01 +02:00
René Zubcevic
c4153ecbfb
Maven owasp dep update (#776) 
* add pmd and owasp dependency check through -P owasp profile

* suppress full stack trace in log

* revert to spring 2.2.0 as 2.2.4 failed in travis

* added owasp dependency check maven configuration details to vulenerable
lesson page 7
 2020-04-06 16:01:09 +02:00
Nanne Baars
6c25cf8e43 Add path traversal lesson 2020-03-10 08:03:48 +01:00
René Zubcevic
4e371b63d0
suppressing some useless log messages and banners in unit tests (#752) 
* suppressing some useless log messages and banners in unit tests

* some more log suppressed
 2020-01-25 12:11:45 +01:00
Nanne Baars
5de82c0a06 Fix link to XStream blog which no longer exists (#740) 2020-01-05 19:48:40 +01:00
Nanne Baars
8088465652 Move and remove unneccessary pom dependencies (#736) 2019-12-24 16:14:36 +01:00
Nanne Baars
035c8662d4 Revert "Bump xstream from 1.4.5 to 1.4.6 in /webgoat-lessons" 
This reverts commit a831d949b25b0da599a8e71518f52b7889fc982a.
 2019-12-23 17:14:20 +01:00
dependabot[bot]
a831d949b2 Bump xstream from 1.4.5 to 1.4.6 in /webgoat-lessons 
Bumps xstream from 1.4.5 to 1.4.6.

Signed-off-by: dependabot[bot] <support@github.com>
 2019-12-23 17:12:31 +01:00
Nanne Baars
5dd6b31905 Adjust lesson template (#704) 
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
 2019-11-17 13:39:56 +01:00
Nanne Baars
f40b6ffd31 Moving back to snapshot 2019-11-13 12:27:26 +01:00
Nanne Baars
fe2ac1b8d4 New release, updating pom.xml 2019-11-12 09:22:45 +01:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Nanne Baars
5e6f825e64 WIP 2019-09-13 16:42:13 +02:00
Nanne Baars
98537426f2 SNAPSHOT version 2019-05-03 11:15:11 +02:00
Nanne Baars
9b0c4e62c2 New release, updating pom.xml 2019-05-03 09:50:01 +02:00
Nanne Baars
bd86dc6ee0 SNAPSHOT version 2019-02-09 18:20:08 +01:00
Nanne Baars
6c86929aa6 New release, updating pom.xml 2019-02-08 14:20:23 +01:00
Nanne Baars
631fedb752 New release, updating pom.xml 2019-01-18 08:45:44 +01:00
Nanne Baars
9be4361afc New release, updating pom.xml 2019-01-18 08:37:26 +01:00
Nanne Baars
ec225558b9 Move to latest Spring Boot version and move to Java 11 2018-12-15 13:59:54 +01:00
Nanne Baars
1252e3dc21 Update instructions to use docker-compose only 2018-07-17 20:17:35 +02:00
Nanne Baars
ac12a009e4 New release v8.0.0.M20 2018-06-20 18:05:59 +02:00
Nanne Baars
9dd93d88d9 New release v8.0.0.M19 2018-06-20 16:40:28 +02:00
Nanne Baars
26aa72e721 New release 2018-05-30 20:54:13 +02:00
Nanne Baars
c510bd9bf1 New develop version 2018-05-30 20:37:25 +02:00
Nanne Baars
c7a714a590 Move to next release 2018-05-30 17:05:50 +02:00
Nanne Baars
ecb7688e08 Update to new version for develop 
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
 2018-05-30 13:17:05 +02:00
Nanne Baars
55793dd153 New release v8.0.0.M15 2018-05-27 20:54:50 +02:00
Nanne Baars
f30db3abfc New version number 2018-04-11 20:45:12 +02:00
Nanne Baars
f91f77708a New version 2017-11-02 21:44:30 +01:00
Nanne Baars
1ecb43092d Bumped version number 2017-10-18 19:58:14 +02:00
Nanne Baars
8250b4048f Updating version number 2017-10-18 19:43:33 +02:00
Nanne Baars
5033c3661a Cleaning up test case logging 2017-10-08 02:07:22 +02:00
Nanne Baars
259fd19c1b - Introduced user registration 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
 2017-03-22 11:35:14 +01:00
mayhew64
0de569339c Cleanup of vulnerable components 2017-02-08 11:37:11 -05:00
mayhew64
33e807797c Xstream RCE works now 2017-02-07 23:51:05 -05:00
Nanne Baars
65d728dfff Solved issue with POST in vulnerable components lesson 2017-02-07 23:49:26 +01:00
Nanne Baars
8d3b028acc Solved issue with POST in vulnerable components lesson 2017-02-07 23:38:57 +01:00
mayhew64
b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty 2017-02-07 16:05:30 -05:00
mayhew64
ef3779ec13 Draft Vuln components 2017-01-28 11:05:09 -05:00