WebGoat

Author	SHA1	Message	Date
Nanne Baars	6c25cf8e43	Add path traversal lesson	2020-03-10 08:03:48 +01:00
Nanne Baars	5dd6b31905	Adjust lesson template (#704 ) * Remove method `getId()` from all lessons as it defaults to the class name * remove clean up endpoint * remove unused class `RequestParameter` * remove unused class `PluginLoadingFailure` * Move `CourseConfiguration` to lesson package * Add more content around the lesson template lesson and make it visible as a lesson in WebGoat * Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult` * Put original solution back as well for SQL string injection * review comments * Add	2019-11-17 13:39:56 +01:00
Nanne Baars	7d48427d4f	Integrate ZAP 2.8.0 (no HUB) as the setup is different also update the filtering as usual ZAP exclusion is again broken	2019-11-11 21:17:51 +01:00
Cotonne	8da4342430	Improve readability of query (#685 ) thanks! and do not forget to clean your .webgoat... local db related files	2019-11-04 13:28:35 +01:00
Nanne Baars	25dae3a4a8	Fix merge request	2019-10-30 08:28:14 +01:00
Nanne Baars	96d11697d4	SQL Injection lesson 6 minor mistakes in examples #663	2019-10-30 08:28:14 +01:00
Nanne Baars	a0933d83d5	Reworked all the SQL statements to be uppercase	2019-10-30 08:28:14 +01:00
René Zubcevic	e0ac4a1083	lessons in correct order and scoreboard visible again (#680 )	2019-10-10 09:45:43 +02:00
Choe Hyeong Jin	b481ed70e8	Fix typo in SQL Injection(Introduction) (#675 ) Fix typo `date` to `data` which seems more appropriate in context.	2019-10-03 10:01:35 +02:00
René Zubcevic	fb2e11fe11	fix for complete progress of sql mitigations and integration test	2019-09-10 13:58:58 +02:00
Nanne Baars	f7c8a271aa	Fixed small typos	2019-09-09 13:55:24 +02:00
Nanne Baars	7a4f6e6fd3	Merge branch 'JeffreyWagnerBHN-develop' into develop	2019-09-09 13:54:38 +02:00
ephemeralwaves	aec051a9f1	Fixed minor spelling mistake	2019-09-09 13:41:38 +02:00
Jeffrey Wagner	75a174ff7b	Fixed description and grammer	2019-09-06 21:12:55 -04:00
Rene Zubcevic	7ad3996f2f	fix 6a6b page	2019-07-22 15:36:31 +02:00
Rene Zubcevic	b65644edee	progress fix for SqlInjectionMitigations	2019-07-22 12:16:18 +02:00
René Zubcevic	7d0a63ac95	small html changes to improve progress	2019-07-20 09:34:27 +02:00
Rene Zubcevic	656fa40182	style sheet and advanced sql	2019-07-19 16:49:30 +02:00
Rene Zubcevic	99435a1073	increased sql form fields and fixed chrome progress	2019-07-19 12:16:06 +02:00
Tobias-Melzer	256c0d05aa	Implemented some feedback	2019-03-26 08:43:38 +01:00
Timur Linden	53c16c8b82	fixed minor spelling mistakes, unified wording	2019-03-26 08:43:38 +01:00
PhilippeSteinbach	875f0487bd	assignment 4: specifying data type in instructions	2019-03-26 08:43:38 +01:00
PhilippeSteinbach	7c32232faa	display query string to user after success, added hints	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	27a61f0f70	Reworked and styled quiz	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	0915bf3d7f	Changed checkboxes to radio buttons, since it is single choice. Moved css to seperate css file. Made questions clickable not just the checkbox. Reworked java code. Work in Progress...	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	df49fcdb39	Added a little more info to assignments 11-13 of sql-introduction	2019-03-26 08:43:38 +01:00
Tobias-Melzer	d27577c1c4	Implemented better lesson description, hints and feedback	2019-03-26 08:43:38 +01:00
MaxGeldner	cec60447c4	Fixed error in SQL Inj quiz fixed a type that didn't allow the quiz to load.	2019-03-26 08:43:38 +01:00
Tobias-Melzer	7daaac9a3f	Fixed Typos	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	64d3cdfc86	Added info to sql injections introduction to check out the CIA-Traid lesson if unfamiliar with it.	2019-03-26 08:43:38 +01:00
Tobias-Melzer	4878ea637e	Fixed wrong Hint in SqlInjection Assignment 5a/b	2019-03-26 08:43:38 +01:00
Max Geldner	8b61811278	Added doc to quiz js	2019-03-26 08:43:38 +01:00
Max Geldner	74961c5632	ace_collect now uses API call	2019-03-26 08:43:38 +01:00
Tobias_Melzer	43504b9a7b	Fixed Double Hints in SqlInjection Advanced Challenge	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	91e6f70919	Added lesson (no content yet) for explaining nist password standards.	2019-03-26 08:43:38 +01:00
Bene-Notebook	98a32c7cdf	Fixed bug, where assignment hints did not get displayed.	2019-03-26 08:43:38 +01:00
Max Geldner	6cf3740c04	Fixes bug in introduction assignment 3 and adjusted wording in assignment 1	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	e873752eac	Reworked description and added additional hints. Split regex for code checks for better readability.	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	ea04d6ef35	Removed ajax from assignment. Now using normal post-request. Made successmessages green and failure messages red for all sql-i messages	2019-03-26 08:43:38 +01:00
Max Geldner	f66ad51721	Added comment parsing and feedback to text editor lessons	2019-03-26 08:43:38 +01:00
Max Geldner	b22deec5b8	Added quick fix description to code editor assignment	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	fffbb3c804	Added missing messages.	2019-03-26 08:43:38 +01:00
Benedikt - Desktop	dd8b067a55	Changed names of hints and messages fro SQL-Injection assignments for better readability in properties file.	2019-03-26 08:43:38 +01:00
philippesteinbach	596383fd59	bugfixes	2019-03-26 08:43:38 +01:00
philippesteinbach	90da672be2	added hints to sql injection assignment 4 & 5, minor text changes to be consistent to other assignments	2019-03-26 08:43:38 +01:00
philippesteinbach	6b669df025	implemented assignment 4, some other changes	2019-03-26 08:43:38 +01:00
philippesteinbach	7733ea0c85	Bug fixes due to changed fuction, Updated text	2019-03-26 08:43:38 +01:00
philippesteinbach	295b5a4772	implemented assignment 2 & 3 of sql injection lession	2019-03-26 08:43:38 +01:00
Max Geldner	3a7601d348	Moved js files to global directory, added id system to question json	2019-03-26 08:43:38 +01:00
Max Geldner	61d8051b5f	Added feedback for assignment	2019-03-26 08:43:38 +01:00

1 2 3

105 Commits