96412da04e
Remove unused imports and parameters
2020-04-19 15:42:50 +02:00
3b7481c2a7
Update method signature
2020-04-19 15:42:50 +02:00
407e19638f
Add two more assignments for SQL injection where only filtering is applied.
2020-04-19 15:42:50 +02:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
4e371b63d0
suppressing some useless log messages and banners in unit tests ( #752 )
...
* suppressing some useless log messages and banners in unit tests
* some more log suppressed
2020-01-25 12:11:45 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
e07a2aff48
Fix mistake the SQL exception should be throws otherwise users cannot see the table name (servers) makes it impossible to
...
solve the assignment. Add explicit test for this to guard against future mistakes
2019-11-11 21:17:51 +01:00
7d48427d4f
Integrate ZAP 2.8.0 (no HUB) as the setup is different also update the filtering as usual ZAP exclusion is again broken
2019-11-11 21:17:51 +01:00
8da4342430
Improve readability of query ( #685 )
...
thanks! and do not forget to clean your .webgoat... local db related files
2019-11-04 13:28:35 +01:00
1a83e2825e
Code style ( #696 )
...
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
25dae3a4a8
Fix merge request
2019-10-30 08:28:14 +01:00
e783c0c1f1
SQL: Cannot use apostrophe/quotes on string literals #662
2019-10-30 08:28:14 +01:00
96d11697d4
SQL Injection lesson 6 minor mistakes in examples #663
2019-10-30 08:28:14 +01:00
a0933d83d5
Reworked all the SQL statements to be uppercase
2019-10-30 08:28:14 +01:00
e0ac4a1083
lessons in correct order and scoreboard visible again ( #680 )
2019-10-10 09:45:43 +02:00
b481ed70e8
Fix typo in SQL Injection(Introduction) ( #675 )
...
Fix typo `date` to `data` which seems more appropriate in context.
2019-10-03 10:01:35 +02:00
dad9c75ee0
Fix tests after updating from develop, changes applied for migrating to Spring Boot 2
2019-09-23 17:35:04 +02:00
35c1305ce9
Merge conflicts resolved
2019-09-23 07:34:27 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
5e6f825e64
WIP
2019-09-13 16:42:13 +02:00
fb2e11fe11
fix for complete progress of sql mitigations and integration test
2019-09-10 13:58:58 +02:00
f7c8a271aa
Fixed small typos
2019-09-09 13:55:24 +02:00
7a4f6e6fd3
Merge branch 'JeffreyWagnerBHN-develop' into develop
2019-09-09 13:54:38 +02:00
aec051a9f1
Fixed minor spelling mistake
2019-09-09 13:41:38 +02:00
75a174ff7b
Fixed description and grammer
2019-09-06 21:12:55 -04:00
924a53c22a
fixed sql adv 5 progress and added prove in integration test
2019-08-22 17:44:34 +02:00
7ad3996f2f
fix 6a6b page
2019-07-22 15:36:31 +02:00
b65644edee
progress fix for SqlInjectionMitigations
2019-07-22 12:16:18 +02:00
7d0a63ac95
small html changes to improve progress
2019-07-20 09:34:27 +02:00
656fa40182
style sheet and advanced sql
2019-07-19 16:49:30 +02:00
99435a1073
increased sql form fields and fixed chrome progress
2019-07-19 12:16:06 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
bcacf94c6f
Added Test for Developer Tools
2019-03-26 08:43:38 +01:00
b190b08258
Added Import of AssignmentsHints to SQL Injection Challenge to fix build error.
2019-03-26 08:43:38 +01:00
256c0d05aa
Implemented some feedback
2019-03-26 08:43:38 +01:00
53c16c8b82
fixed minor spelling mistakes, unified wording
2019-03-26 08:43:38 +01:00
875f0487bd
assignment 4: specifying data type in instructions
2019-03-26 08:43:38 +01:00
5c2d9cd8e9
assignment 5: display query string to user after success, improved regex to allow missing semicolon after query
2019-03-26 08:43:38 +01:00
e976dbe10f
assignment 4: display query string to user after success
2019-03-26 08:43:38 +01:00
f586bded4d
assignment 3: display query string to user after success
2019-03-26 08:43:38 +01:00
7c32232faa
display query string to user after success, added hints
2019-03-26 08:43:38 +01:00
27a61f0f70
Reworked and styled quiz
2019-03-26 08:43:38 +01:00
0915bf3d7f
Changed checkboxes to radio buttons, since it is single choice.
...
Moved css to seperate css file.
Made questions clickable not just the checkbox.
Reworked java code.
Work in Progress...
2019-03-26 08:43:38 +01:00
df49fcdb39
Added a little more info to assignments 11-13 of sql-introduction
2019-03-26 08:43:38 +01:00
d27577c1c4
Implemented better lesson description, hints and feedback
2019-03-26 08:43:38 +01:00
cec60447c4
Fixed error in SQL Inj quiz
...
fixed a type that didn't allow the quiz to load.
2019-03-26 08:43:38 +01:00
