3bc009297e
Update SessionManagementTest.java (#1198)
...
url() is required in this case. You will notice it when changing host name or when using https
2021-12-23 17:07:55 +01:00
ac4b06f11b
Move enabling security to WebGoat core and add resetting the lessons.
...
We can use it for more lessons and showcase how to apply security directly from the source code.
Resolves: #1176
2021-12-20 16:45:06 +01:00
5107e111bf
test url fix
2021-11-19 13:07:49 +01:00
dd2e9f074d
Hijack Session Lesson
2021-11-19 13:07:49 +01:00
3ad51e6d6b
Rewrite lesson to be self-contained and not depend on the core of WebGoat for fetching users
...
Split the assignment into 2 assignments
2021-11-16 16:32:43 +01:00
dfa0e1cdca
XSS Lesson one boolean response
...
Signed-off-by: Àngel Ollé Blázquez <angel@olleb.com>
2021-10-02 01:09:52 +02:00
14a6efedf3
Add extra documentation for using the correct algorithm but removing the signature.
2021-09-29 15:21:09 +02:00
04d1293a33
#1045: Run build with Java 16
2021-09-23 16:09:28 +02:00
1381daf06e
Fix zip slip issue on Windows
2021-05-24 16:12:15 +02:00
a641a19615
Add zip slip to path traversal lesson
2021-05-23 21:18:56 +02:00
a53ba0af5c
Fix for accidentally disabled integration tests (#997)
...
* drop column is no longer required due to better db separation
* integration test fix with BeforeAll
2021-05-19 18:20:31 +02:00
1c6de07a54
Move integration test to JUnit 5
2021-03-31 19:31:13 +02:00
935871c39a
Add some debugging information to know which test cases might have failed
2021-03-29 07:30:03 +02:00
68a53bc5dc
Fix failing test Windows it fails with a much lower number
2021-03-29 07:30:03 +02:00
5a16ea514a
Fix quiz
2021-03-15 17:48:13 +01:00
d4da2d0efa
Convert lesson into using DB instead of using regular expression to check the solution
2021-03-15 17:48:13 +01:00
c798e4be32
Fix JWT integration tests
2021-03-15 17:48:13 +01:00
1ebd50cb5b
WIP
2021-03-15 17:48:13 +01:00
431da30946
Selenium test added (#906)
...
* add a selenium test for firefox
* add geckodriver and firefox to travis
* install updated
* install updated
* try out suggested webdriver dependency class
* add more resilience
2021-02-21 19:57:08 +01:00
bce4c775bf
initial idea for explanation on static code analysis and experience of the fix
2020-12-09 19:40:16 +01:00
8bed91a8dc
improved threading and logic based on number of calls and number of tests (#910)
2020-12-08 16:03:36 +01:00
89f43229ab
upgrade springboot version and some related unit test fixes (#904)
...
* upgrade springboot version and some related unit test fixes
* removed log for test
* removed junit version property
2020-11-28 17:35:55 +01:00
753a2db958
#846: add extra test to verify whether the solution is solved for the original user as well
2020-11-04 20:35:05 +01:00
2d2dc22e19
first step
2020-07-09 19:21:42 +02:00
317573c897
Small fixes june 2020 (#857)
...
* issue 849
* another integration test for a challenge
* fixing issue 848
* updated link for issue 833
* fix for 847
2020-07-08 19:26:09 +02:00
c4a046bd12
Ch1 less default (#814)
...
* random pincode in challenge1
* unit test fix
2020-05-12 08:49:48 +02:00
f520c3589c
flag submission fixed (#812)
2020-05-07 11:04:00 +02:00
832d6432fc
fix for JWT green button and WebWolf intro green button and added jwt int tests (#808)
2020-05-07 08:28:45 +02:00
f4838e1233
add int test for acl
2020-05-01 09:15:29 +02:00
9dea696c4c
added int test for IDOR and fixed green button issue (#801)
2020-04-29 12:12:11 +02:00
58bc94d1f6
fix green buttons
2020-04-22 16:37:00 +02:00
0015394582
Fix typo
2020-04-19 15:42:50 +02:00
407e19638f
Add two more assignments for SQL injection where only filtering is applied.
2020-04-19 15:42:50 +02:00
9509993a8f
all tests complete for Password Reset (#785)
2020-04-17 15:54:24 +02:00
e25f7a7560
clean up and update js
2020-04-08 12:05:01 +02:00
c4ae9ae2ab
migrate to JUnit 5 code
2020-04-06 16:02:15 +02:00
14022d88c9
Last assignment now filters out .. and / so encoding plays a role now
2020-03-10 08:03:48 +01:00
b3840e60e3
Fix lessons
2020-03-10 08:03:48 +01:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
4e371b63d0
suppressing some useless log messages and banners in unit tests (#752)
...
* suppressing some useless log messages and banners in unit tests
* some more log suppressed
2020-01-25 12:11:45 +01:00
f79ad452d2
password reset support for using www.webwolf.local
2019-12-23 17:08:33 +01:00
59076fc9ef
adjusted WebWolfMacro
2019-12-23 17:08:33 +01:00
b5e5dd1d13
Crypto lesson (#712)
...
* crypto lesson added
* signing assignment
* integration test added for signing assignment
* added more hints
* corrections after rebase
* added some explanation
* added security defaults assignment
2019-11-23 21:52:14 +01:00
e07a2aff48
Fix mistake the SQL exception should be thrown otherwise users cannot see the table name (servers) makes it impossible to
...
solve the assignment. Add explicit test for this to guard against future mistakes
2019-11-11 21:17:51 +01:00
f7b794bf68
Race condition in counting number of attempts #567 (#697)
...
Add version to Hibernate mapping so we get optimistic locking this solves
number of parallel calls trying to update/guess and mess with the lesson
counter
2019-11-03 18:14:15 +01:00
25dae3a4a8
Fix merge request
2019-10-30 08:28:14 +01:00
1f00d461a8
cleaned logs and changed username length for csrf-uuid
2019-10-15 13:59:18 +02:00
6dc679e7b8
final tests and fixed the issue of getting the name of the loggedinuser
2019-10-15 13:59:18 +02:00
00873cfe3f
csrf7 test cases added
2019-10-15 13:59:18 +02:00
e932253f06
initial test cases added
2019-10-15 13:59:18 +02:00