dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,298 Commits 11 Branches 78 Tags
Commit Graph

72 Commits

Author SHA1 Message Date
Nanne Baars
5dd6b31905 Adjust lesson template (#704) 
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
 2019-11-17 13:39:56 +01:00
Nanne Baars
1a83e2825e Code style (#696) 
* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
 2019-11-03 18:11:09 +01:00
Nanne Baars
d73875e8e8 Remove empty line 2019-10-30 08:28:14 +01:00
Rene Zubcevic
8d7142e6d3 upgrade ascii doc with support for link in new tab 2019-10-15 13:55:34 +02:00
René Zubcevic
0319c477b1
XSS lesson completion fixes (#669) 
* XSS lesson completion fixes

* removed log all

* lesson progress capable of deprecated assignments in the database

* fixed unit test for lesson progress
 2019-09-29 14:46:18 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Nanne Baars
f774364461 Working unit tests 2019-09-13 20:05:25 +02:00
Jacob Skiba
7d9f24c86b
Update CrossSiteScripting_content9.adoc 
Fix broken resource link
 2019-08-06 05:26:05 -04:00
Rene Zubcevic
4bafc19883 fixed classcast exception on randValue 2019-04-21 13:59:26 +02:00
Rene Zubcevic
48d926491f removed possible NullpointerException and System.out 2019-04-21 13:59:26 +02:00
Marvin Schöning
b8e68d13b8 implement xss (mitigation) assignment 6 2019-03-26 08:43:38 +01:00
Timur Linden
53c16c8b82 fixed minor spelling mistakes, unified wording 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
2be2de8ce1 Added improved quiz for cia-triad and xss 2019-03-26 08:43:38 +01:00
Timur Linden
e8caeedf53 implemented xss-quiz 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
84f67b5a7e changed order of xss mitigation lesson 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
8c7eaf87d6 Fixed package of xss-mititgation assignment. Hints are working again. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
587c44b52e Removed unused imports. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
1d9abef80f Page after assignment working again. 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
2f39f48747 deleted unnecessary lines 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
387a0e8e7d assignment now has working feedback 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
0bd14d9178 (wrong branch) updated assignment (OWASP Java Encoder) and hints (still not shown) 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
06a8bd8b0e Strength bar 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
8bc91ba4ec finished assignment 2019-03-26 08:43:38 +01:00
Bene-Notebook
cfce7763f0 Outcommented lines in XSS Lessons 3 that were causing erros 2019-03-26 08:43:38 +01:00
Philippe Steinbach
63502d6328 added jsoup html parser 2019-03-26 08:43:38 +01:00
Philippe Steinbach
971062561d renamed hints 2019-03-26 08:43:38 +01:00
Philippe Steinbach
e7b69c4953 edited table of relevant special chars (\' not recommended because its not in the HTML spec) 2019-03-26 08:43:38 +01:00
Philippe Steinbach
8944bfcc1d implemented xss mitigation assignment 1, draft validation without parser 2019-03-26 08:43:38 +01:00
Philippe Steinbach
6327b82204 ace editor text as request parameter 2019-03-26 08:43:38 +01:00
Philippe Steinbach
f209c424b4 mitigation preparations 2019-03-26 08:43:38 +01:00
Philippe Steinbach
73c2313658 added assignment draft (not working yet) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
eb29ed00ff Removed old unused files from XSS 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
58dc5d2d41 Removed unneccessary comments from html documents. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
600c6203ef Changed the lesson plans of all the XSS lessons. 2019-03-26 08:43:38 +01:00
Max Geldner
2ee3b22207 Reworked some XSS assignments 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
990bf079d3 Added hints for dom-based xss assignment (part 2) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
362671e67e Added hints for dom-based xss assignment (part 1) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
46f92dad3b Added hints for Reflected XSS assignment. 2019-03-26 08:43:38 +01:00
Bene-Notebook
2962ddbb3e Restructured XSS category. Updated gitignore to ignore TestClass.class. 2019-03-26 08:43:38 +01:00
Matthias Grundmann
b0fbeaff2c
This improves the text of the lesson about XSS 2018-06-13 17:56:23 +02:00
Matthias Grundmann
3d282e163c Show newest comments first 
This prevents new comments from not being displayed after a comment containing invalid html has been posted.
 2018-06-12 10:54:13 +02:00
Matthias Grundmann
7068c84c6a Fix parameter in url and some spelling 2018-06-12 10:54:13 +02:00
Jason
ac1b9e8311 cleanup that was missed in prev. commit 2018-05-23 13:35:51 +02:00
Jason
9d49373486 fix for periodic fail on StoredXssCommentsTest 2018-05-23 13:35:51 +02:00
xanderhades
7b5bb6d6f1 Fixed typos 2018-05-23 13:35:51 +02:00
Nanne Baars
e4ca0c4836 Make report working again 2018-04-27 19:26:01 +02:00
nbaars
a6b9235711 SQL Error '-104' in XSS Lesson Page 7 #416 2018-01-10 12:48:45 +01:00
Jason White
f9a43d0961 xss updates 2017-10-13 09:52:19 -06:00
Nanne Baars
5033c3661a Cleaning up test case logging 2017-10-08 02:07:22 +02:00