6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
7d48427d4f
Integrate ZAP 2.8.0 (no HUB) as the setup is different also update the filtering as usual ZAP exclusion is again broken
2019-11-11 21:17:51 +01:00
8da4342430
Improve readability of query ( #685 )
...
thanks! and do not forget to clean your .webgoat... local db related files
2019-11-04 13:28:35 +01:00
25dae3a4a8
Fix merge request
2019-10-30 08:28:14 +01:00
96d11697d4
SQL Injection lesson 6 minor mistakes in examples #663
2019-10-30 08:28:14 +01:00
a0933d83d5
Reworked all the SQL statements to be uppercase
2019-10-30 08:28:14 +01:00
e0ac4a1083
lessons in correct order and scoreboard visible again ( #680 )
2019-10-10 09:45:43 +02:00
b481ed70e8
Fix typo in SQL Injection(Introduction) ( #675 )
...
Fix typo `date` to `data` which seems more appropriate in context.
2019-10-03 10:01:35 +02:00
fb2e11fe11
fix for complete progress of sql mitigations and integration test
2019-09-10 13:58:58 +02:00
f7c8a271aa
Fixed small typos
2019-09-09 13:55:24 +02:00
7a4f6e6fd3
Merge branch 'JeffreyWagnerBHN-develop' into develop
2019-09-09 13:54:38 +02:00
aec051a9f1
Fixed minor spelling mistake
2019-09-09 13:41:38 +02:00
75a174ff7b
Fixed description and grammer
2019-09-06 21:12:55 -04:00
7ad3996f2f
fix 6a6b page
2019-07-22 15:36:31 +02:00
b65644edee
progress fix for SqlInjectionMitigations
2019-07-22 12:16:18 +02:00
7d0a63ac95
small html changes to improve progress
2019-07-20 09:34:27 +02:00
656fa40182
style sheet and advanced sql
2019-07-19 16:49:30 +02:00
99435a1073
increased sql form fields and fixed chrome progress
2019-07-19 12:16:06 +02:00
256c0d05aa
Implemented some feedback
2019-03-26 08:43:38 +01:00
53c16c8b82
fixed minor spelling mistakes, unified wording
2019-03-26 08:43:38 +01:00
875f0487bd
assignment 4: specifying data type in instructions
2019-03-26 08:43:38 +01:00
7c32232faa
display query string to user after success, added hints
2019-03-26 08:43:38 +01:00
27a61f0f70
Reworked and styled quiz
2019-03-26 08:43:38 +01:00
0915bf3d7f
Changed checkboxes to radio buttons, since it is single choice.
...
Moved css to seperate css file.
Made questions clickable not just the checkbox.
Reworked java code.
Work in Progress...
2019-03-26 08:43:38 +01:00
df49fcdb39
Added a little more info to assignments 11-13 of sql-introduction
2019-03-26 08:43:38 +01:00
d27577c1c4
Implemented better lesson description, hints and feedback
2019-03-26 08:43:38 +01:00
cec60447c4
Fixed error in SQL Inj quiz
...
fixed a type that didn't allow the quiz to load.
2019-03-26 08:43:38 +01:00
7daaac9a3f
Fixed Typos
2019-03-26 08:43:38 +01:00
64d3cdfc86
Added info to sql injections introduction to check out the CIA-Traid lesson if unfamiliar with it.
2019-03-26 08:43:38 +01:00
4878ea637e
Fixed wrong Hint in SqlInjection Assignment 5a/b
2019-03-26 08:43:38 +01:00
8b61811278
Added doc to quiz js
2019-03-26 08:43:38 +01:00
74961c5632
ace_collect now uses API call
2019-03-26 08:43:38 +01:00
43504b9a7b
Fixed Double Hints in SqlInjection Advanced Challenge
2019-03-26 08:43:38 +01:00
91e6f70919
Added lesson (no content yet) for explaining nist password standards.
2019-03-26 08:43:38 +01:00
98a32c7cdf
Fixed bug, where assignment hints did not get displayed.
2019-03-26 08:43:38 +01:00
6cf3740c04
Fixes bug in introduction assignment 3 and adjusted wording in assignment
...
1
2019-03-26 08:43:38 +01:00
e873752eac
Reworked description and added additional hints. Split regex for code checks for better readability.
2019-03-26 08:43:38 +01:00
ea04d6ef35
Removed ajax from assignment. Now using normal post-request.
...
Made successmessages green and failure messages red for all sql-i messages
2019-03-26 08:43:38 +01:00
f66ad51721
Added comment parsing and feedback to text editor lessons
2019-03-26 08:43:38 +01:00
b22deec5b8
Added quick fix description to code editor assignment
2019-03-26 08:43:38 +01:00
fffbb3c804
Added missing messages.
2019-03-26 08:43:38 +01:00
dd8b067a55
Changed names of hints and messages fro SQL-Injection assignments for better readability in properties file.
2019-03-26 08:43:38 +01:00
596383fd59
bugfixes
2019-03-26 08:43:38 +01:00
90da672be2
added hints to sql injection assignment 4 & 5, minor text changes to be consistent to other assignments
2019-03-26 08:43:38 +01:00
6b669df025
implemented assignment 4, some other changes
2019-03-26 08:43:38 +01:00
7733ea0c85
Bug fixes due to changed fuction, Updated text
2019-03-26 08:43:38 +01:00
295b5a4772
implemented assignment 2 & 3 of sql injection lession
2019-03-26 08:43:38 +01:00
3a7601d348
Moved js files to global directory, added id system to question json
2019-03-26 08:43:38 +01:00
61d8051b5f
Added feedback for assignment
2019-03-26 08:43:38 +01:00
