122cc323f2
Changed the order of explanation of setting up ZAP/Burp a bit (feedback from workshop). This makes the necessary steps more explicit by moving all extra configuration for https etc to the back. So when you follow the lesson you will only setup the minimal and not get confused about things which are only necessary in certain cases
2020-04-19 15:42:50 +02:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
4e371b63d0
suppressing some useless log messages and banners in unit tests ( #752 )
...
* suppressing some useless log messages and banners in unit tests
* some more log suppressed
2020-01-25 12:11:45 +01:00
b6aa677594
Zap 8 update for proxy lesson ( #718 )
...
* additional steps in proxy setup added
* lessons checked
* added page on https proxy and burp proxy
2019-12-10 12:14:21 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
7d48427d4f
Integrate ZAP 2.8.0 (no HUB) as the setup is different also update the filtering as usual ZAP exclusion is again broken
2019-11-11 21:17:51 +01:00
d8844216cc
Add solution for Firefox no longer proxying localhost at all
2019-11-11 10:38:25 +01:00
8d7142e6d3
upgrade ascii doc with support for link in new tab
2019-10-15 13:55:34 +02:00
e0ac4a1083
lessons in correct order and scoreboard visible again ( #680 )
2019-10-10 09:45:43 +02:00
261f947777
Fix
2019-09-20 17:45:33 +02:00
c8ef848657
Fix
2019-09-20 17:36:15 +02:00
f29b923eef
FIx?
2019-09-20 17:10:58 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
f774364461
Working unit tests
2019-09-13 20:05:25 +02:00
5e6f825e64
WIP
2019-09-13 16:42:13 +02:00
6d36e7db74
Added new endpoint for POST so it will give feedback to the UI. It now
...
ended up in a HTTP/405 which does not give any feedback to the UI
2019-08-17 13:52:59 +02:00
d814522223
Fix test for HTTP proxy lesson
2019-07-14 12:39:07 +02:00
2eaf263e81
Improve task description for HTTP proxy lesson
2019-07-14 12:39:07 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
24bbb636f8
Update HttpBasics_ProxyIntro1.adoc
...
Fixed along to alone
2019-03-26 08:35:55 +01:00
bd86dc6ee0
SNAPSHOT version
2019-02-09 18:20:08 +01:00
6c86929aa6
New release, updating pom.xml
2019-02-08 14:20:23 +01:00
631fedb752
New release, updating pom.xml
2019-01-18 08:45:44 +01:00
9be4361afc
New release, updating pom.xml
2019-01-18 08:37:26 +01:00
ec225558b9
Move to latest Spring Boot version and move to Java 11
2018-12-15 13:59:54 +01:00
1252e3dc21
Update instructions to use docker-compose only
2018-07-17 20:17:35 +02:00
ac12a009e4
New release v8.0.0.M20
2018-06-20 18:05:59 +02:00
9dd93d88d9
New release v8.0.0.M19
2018-06-20 16:40:28 +02:00
26aa72e721
New release
2018-05-30 20:54:13 +02:00
c510bd9bf1
New develop version
2018-05-30 20:37:25 +02:00
c7a714a590
Move to next release
2018-05-30 17:05:50 +02:00
ecb7688e08
Update to new version for develop
...
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
2018-05-30 13:17:05 +02:00
4691bc5fd5
Extended proxy lesson with Edit and Resend and explained how to exclude WebGoat internal calls from proxying
2018-05-29 21:30:13 +02:00
55793dd153
New release v8.0.0.M15
2018-05-27 20:54:50 +02:00
eaf68d38c5
Initial commit for password reset lesson
2018-05-25 14:27:45 +02:00
408a637649
Update HttpBasics_ProxyIntro0.adoc
...
Fixed typo, Actual : "wihtin" , Expected : "within"
2018-05-23 13:35:51 +02:00
f30db3abfc
New version number
2018-04-11 20:45:12 +02:00
f91f77708a
New version
2017-11-02 21:44:30 +01:00
1ecb43092d
Bumped version number
2017-10-18 19:58:14 +02:00
8250b4048f
Updating version number
2017-10-18 19:43:33 +02:00
9e66ee177d
Image Cleanup for Http Proxies
2017-10-13 10:13:07 -06:00
5033c3661a
Cleaning up test case logging
2017-10-08 02:07:22 +02:00
82ef171a50
XSS Lesson Modifications ( #367 )
...
* initial cut on XSS, need to add some tests still
* initial unit tests for assignment endpoints
* updating header comment license thingy
* comment, clean up
* Stubs for security unit test
* Additional Unit Testing
* isEncoded and isNotEncoded Unit Tests added
* http-proxies updates
* update for XXE solutions
* Work-around to handle special chars in action ... currently to be able to match {userId} in hint creation/assignment for IDOR
* IDOR hints updated
* mitigation content update
* mitigation content update ... 2
* Lesson Overview updates
* including restart lesson fix for lesson overview
2017-07-10 08:33:10 -04:00
efe5ca4b4d
http-proxies update for AppSecEU challenge
2017-05-09 15:07:56 +01:00
f6d7016b96
typo fix
2017-05-09 15:07:56 +01:00
945976868b
Added testcases
2017-05-02 23:28:48 +02:00
