WebGoat

Author	SHA1	Message	Date
Nanne Baars	641d75e734	Link to the original lesson for the goal	2020-10-20 22:09:49 +02:00
René Zubcevic	317573c897	Small fixes june 2020 (#857 ) * issue 849 * another integration test for a challenge * fixing issue 848 * updated link for issue 833 * fix for 847	2020-07-08 19:26:09 +02:00
Nanne Baars	1aad57ba55	Fix the syntax differences between HSQL and Postgres	2020-04-27 11:45:41 +02:00
Nanne Baars	54610868fe	Fix the syntax differences between HSQL and Postgres	2020-04-27 11:45:41 +02:00
Satoshi SAKAO	d7ae3a4391	fix typo	2020-04-27 10:44:39 +02:00
Satoshi SAKAO	608728b135	fix asciidoc italic format	2020-04-27 10:44:39 +02:00
René Zubcevic	88eb4d7b26	ace editor added without all the nonsense around it	2020-04-26 16:45:56 +02:00
René Zubcevic	6f532683a1	lessonplan character updates so it also works on Windows Cp125	2020-04-20 12:54:18 +02:00
Nanne Baars	407e19638f	Add two more assignments for SQL injection where only filtering is applied.	2020-04-19 15:42:50 +02:00
Nanne Baars	6c25cf8e43	Add path traversal lesson	2020-03-10 08:03:48 +01:00
Nanne Baars	5dd6b31905	Adjust lesson template (#704 ) * Remove method `getId()` from all lessons as it defaults to the class name * remove clean up endpoint * remove unused class `RequestParameter` * remove unused class `PluginLoadingFailure` * Move `CourseConfiguration` to lesson package * Add more content around the lesson template lesson and make it visible as a lesson in WebGoat * Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult` * Put original solution back as well for SQL string injection * review comments * Add	2019-11-17 13:39:56 +01:00
Nanne Baars	7d48427d4f	Integrate ZAP 2.8.0 (no HUB) as the setup is different also update the filtering as usual ZAP exclusion is again broken	2019-11-11 21:17:51 +01:00
Cotonne	8da4342430	Improve readability of query (#685 ) thanks! and do not forget to clean your .webgoat... local db related files	2019-11-04 13:28:35 +01:00
Nanne Baars	25dae3a4a8	Fix merge request	2019-10-30 08:28:14 +01:00
Nanne Baars	96d11697d4	SQL Injection lesson 6 minor mistakes in examples #663	2019-10-30 08:28:14 +01:00
Nanne Baars	a0933d83d5	Reworked all the SQL statements to be uppercase	2019-10-30 08:28:14 +01:00
René Zubcevic	e0ac4a1083	lessons in correct order and scoreboard visible again (#680 )	2019-10-10 09:45:43 +02:00
Choe Hyeong Jin	b481ed70e8	Fix typo in SQL Injection(Introduction) (#675 ) Fix typo `date` to `data` which seems more appropriate in context.	2019-10-03 10:01:35 +02:00
René Zubcevic	fb2e11fe11	fix for complete progress of sql mitigations and integration test	2019-09-10 13:58:58 +02:00
Nanne Baars	f7c8a271aa	Fixed small typos	2019-09-09 13:55:24 +02:00
Nanne Baars	7a4f6e6fd3	Merge branch 'JeffreyWagnerBHN-develop' into develop	2019-09-09 13:54:38 +02:00
ephemeralwaves	aec051a9f1	Fixed minor spelling mistake	2019-09-09 13:41:38 +02:00
Jeffrey Wagner	75a174ff7b	Fixed description and grammer	2019-09-06 21:12:55 -04:00
Rene Zubcevic	7ad3996f2f	fix 6a6b page	2019-07-22 15:36:31 +02:00
Rene Zubcevic	b65644edee	progress fix for SqlInjectionMitigations	2019-07-22 12:16:18 +02:00
René Zubcevic	7d0a63ac95	small html changes to improve progress	2019-07-20 09:34:27 +02:00
Rene Zubcevic	656fa40182	style sheet and advanced sql	2019-07-19 16:49:30 +02:00
Rene Zubcevic	99435a1073	increased sql form fields and fixed chrome progress	2019-07-19 12:16:06 +02:00
Tobias-Melzer	256c0d05aa	Implemented some feedback	2019-03-26 08:43:38 +01:00
Timur Linden	53c16c8b82	fixed minor spelling mistakes, unified wording	2019-03-26 08:43:38 +01:00
PhilippeSteinbach	875f0487bd	assignment 4: specifying data type in instructions	2019-03-26 08:43:38 +01:00
PhilippeSteinbach	7c32232faa	display query string to user after success, added hints	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	27a61f0f70	Reworked and styled quiz	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	0915bf3d7f	Changed checkboxes to radio buttons, since it is single choice. Moved css to seperate css file. Made questions clickable not just the checkbox. Reworked java code. Work in Progress...	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	df49fcdb39	Added a little more info to assignments 11-13 of sql-introduction	2019-03-26 08:43:38 +01:00
Tobias-Melzer	d27577c1c4	Implemented better lesson description, hints and feedback	2019-03-26 08:43:38 +01:00
MaxGeldner	cec60447c4	Fixed error in SQL Inj quiz fixed a type that didn't allow the quiz to load.	2019-03-26 08:43:38 +01:00
Tobias-Melzer	7daaac9a3f	Fixed Typos	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	64d3cdfc86	Added info to sql injections introduction to check out the CIA-Traid lesson if unfamiliar with it.	2019-03-26 08:43:38 +01:00
Tobias-Melzer	4878ea637e	Fixed wrong Hint in SqlInjection Assignment 5a/b	2019-03-26 08:43:38 +01:00
Max Geldner	8b61811278	Added doc to quiz js	2019-03-26 08:43:38 +01:00
Max Geldner	74961c5632	ace_collect now uses API call	2019-03-26 08:43:38 +01:00
Tobias_Melzer	43504b9a7b	Fixed Double Hints in SqlInjection Advanced Challenge	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	91e6f70919	Added lesson (no content yet) for explaining nist password standards.	2019-03-26 08:43:38 +01:00
Bene-Notebook	98a32c7cdf	Fixed bug, where assignment hints did not get displayed.	2019-03-26 08:43:38 +01:00
Max Geldner	6cf3740c04	Fixes bug in introduction assignment 3 and adjusted wording in assignment 1	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	e873752eac	Reworked description and added additional hints. Split regex for code checks for better readability.	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	ea04d6ef35	Removed ajax from assignment. Now using normal post-request. Made successmessages green and failure messages red for all sql-i messages	2019-03-26 08:43:38 +01:00
Max Geldner	f66ad51721	Added comment parsing and feedback to text editor lessons	2019-03-26 08:43:38 +01:00
Max Geldner	b22deec5b8	Added quick fix description to code editor assignment	2019-03-26 08:43:38 +01:00

1 2 3

114 Commits