36ad73c800
Added more mitigations for XXE
2017-06-15 23:36:51 +02:00
e9ad20cb30
Make sure we clean all the files below the .webgoat dir
2017-06-15 19:08:19 +02:00
a484467419
Adding extra lesson for order by clauses
2017-06-15 19:08:19 +02:00
ee912f734b
Added SQL injection from challenge to lesson and added content for a blind sql injection
2017-06-15 19:08:19 +02:00
0740c4ba95
Split large SQL lesson
2017-06-15 19:08:19 +02:00
b048988d2f
Changed layout of the html tampering lesson and fixed some JavaScript issues. Added a small mitigation page.
...
Moved the lessons concerning client side validation to client side category
2017-06-13 03:22:19 +02:00
09d8fef50e
Merge branch 'develop' of github.com:WebGoat/WebGoat into develop
2017-06-12 20:02:30 +02:00
870fa000aa
bypass front-end restrictions (javascript validation)
2017-06-13 10:09:39 +02:00
01421ca822
html restrictions lesson
2017-06-13 10:09:39 +02:00
007cdaa0d8
insecure login lesson
2017-06-13 10:09:39 +02:00
99f75a835c
#359 Fixed
2017-06-12 20:02:21 +02:00
52a48df70c
XXE successfully completed message was no longer shown, fixed it by using form POST together with customjs functions.
...
Introduced callback functionality which you can specify after the posting in order to be able to load the comments list again.
2017-06-12 15:08:55 +02:00
19a4859e4f
Fix hint not being display correctly due to missing escaping
2017-06-12 13:03:14 +02:00
06a3f5d189
http-proxies updates
2017-06-09 15:33:21 -04:00
2305d355c7
isEncoded and isNotEncoded Unit Tests added
2017-05-25 19:36:02 -04:00
31548b9c57
Additional Unit Testing
2017-05-24 17:12:28 -04:00
e733131241
Stubs for security unit test
2017-05-24 13:12:36 -04:00
a9e5dd645d
comment, clean up
2017-05-22 20:10:03 -04:00
129e9deba9
Added testcase for SQL injection lesson
2017-05-21 16:40:52 +02:00
9f12da1434
Changed e-mail address
2017-05-21 14:44:33 +02:00
13a2661cb2
modifications to README for GKE-Docker
2017-05-21 16:04:49 +02:00
2729486c24
make sure there are new lines at the end of these files
2017-05-21 16:04:49 +02:00
9990023d98
A Whole bunch of readme edits
2017-05-21 16:04:49 +02:00
a10d926859
Misc Text updates
2017-05-21 16:04:49 +02:00
8c0abe06b8
Horrible Murican! Grammar and spelling…
2017-05-21 16:04:49 +02:00
6206aa84b2
Markdown
2017-05-21 16:04:49 +02:00
086e674bf4
A Whole bunch of readme
2017-05-21 16:04:49 +02:00
70625ff5a2
Add Google Cloud Platform Initial Seed Items
2017-05-21 16:04:49 +02:00
fedd2b1be6
arbitrary difference between code commit and GitHub…really arbitrary
2017-05-21 16:04:49 +02:00
284c05ee29
change to use GitHub instead of code commit
2017-05-21 16:04:49 +02:00
c3d18d5582
initial add of cloudformation for platform seeding purposes
2017-05-21 16:04:49 +02:00
fbb389a7b4
Updated the instructions for running on Docker
...
- Removed unnecessary white space
- Included the instructions for what path in the URL to go to once the
app starts
- Added instructions for different types of docker use (boot2docker,
etc)
2017-05-21 16:01:03 +02:00
0ad1f0d147
Fixing Travis issues while building
2017-05-21 13:28:29 +02:00
2b2451dd9c
testing with Travis dirs
2017-05-21 13:10:52 +02:00
50795d9ded
testing with Travis dirs
2017-05-21 13:06:00 +02:00
edea515564
Test failed due to hardcoded path
2017-05-21 12:46:10 +02:00
877de6ebd4
Updated XXE lessons with challenge screens
2017-05-21 12:24:42 +02:00
cb9503d4a3
Upgraded to Spring Boot 1.5.3
2017-05-21 11:04:13 +02:00
a5b4aeaa76
updating header comment license thingy
2017-05-20 21:49:40 -04:00
857f09df14
initial unit tests for assignment endpoints
2017-05-20 21:17:02 -04:00
feead6b740
initial cut on XSS, need to add some tests still
2017-05-18 14:41:14 -04:00
6f0f71b131
Changed XXE lessons to use photo comment example
2017-05-04 06:25:11 +02:00
05f6fb226f
Removed challenges from pom.xml
2017-05-04 03:05:47 +02:00
8d3c251d04
Merge branch 'challenge' into develop
...
Conflicts:
webgoat-container/src/main/resources/static/css/main.css
2017-05-04 03:02:00 +02:00
4a061f61a6
Integrated XXE assigment from CTF to XXE lesson
2017-05-04 02:25:56 +02:00
d25f71532b
Moved challenge 4 to challenge 6 and introduced new sql injection challenge 5
2017-05-03 17:30:49 +02:00
e656d30b7e
hint updates
2017-05-11 10:44:26 +01:00
9cd5f101d4
challenge 1 hint update
2017-05-11 09:05:01 +01:00
ff89daf987
Moved challenge 4 to challenge 6 and introduced new sql injection challenge 5
2017-05-03 14:34:15 +02:00
4baceeb98b
challenge 1 hint update
2017-05-11 08:57:16 +01:00
