dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,682 Commits 11 Branches 78 Tags
Commit Graph

1682 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nanne Baars
7809057208 Enabled the challenges again to make them visible for everybody who starts WebGoat 2017-06-15 23:38:04 +02:00
Nanne Baars
36ad73c800 Added more mitigations for XXE 2017-06-15 23:36:51 +02:00
Nanne Baars
e9ad20cb30 Make sure we clean all the files below the .webgoat dir 2017-06-15 19:08:19 +02:00
Nanne Baars
a484467419 Adding extra lesson for order by clauses 2017-06-15 19:08:19 +02:00
Nanne Baars
ee912f734b Added SQL injection from challenge to lesson and added content for a blind sql injection 2017-06-15 19:08:19 +02:00
Nanne Baars
0740c4ba95 Split large SQL lesson 2017-06-15 19:08:19 +02:00
Nanne Baars
b048988d2f Changed layout of the html tampering lesson and fixed some JavaScript issues. Added a small mitigation page. 
Moved the lessons concerning client side validation to client side category
 2017-06-13 03:22:19 +02:00
Nanne Baars
09d8fef50e Merge branch 'develop' of github.com:WebGoat/WebGoat into develop 2017-06-12 20:02:30 +02:00
Michal Smolík
870fa000aa bypass front-end restrictions (javascript validation) 2017-06-13 10:09:39 +02:00
Michal Smolík
01421ca822 html restrictions lesson 2017-06-13 10:09:39 +02:00
Michal Smolík
007cdaa0d8 insecure login lesson 2017-06-13 10:09:39 +02:00
Nanne Baars
99f75a835c #359 Fixed 2017-06-12 20:02:21 +02:00
Nanne Baars
52a48df70c XXE successfully completed message was no longer shown, fixed it by using form POST together with customjs functions. 
Introduced callback functionality which you can specify after the posting in order to be able to load the comments list again.
 2017-06-12 15:08:55 +02:00
Nanne Baars
19a4859e4f Fix hint not being display correctly due to missing escaping 2017-06-12 13:03:14 +02:00
Nanne Baars
129e9deba9 Added testcase for SQL injection lesson 2017-05-21 16:40:52 +02:00
Nanne Baars
9f12da1434 Changed e-mail address 2017-05-21 14:44:33 +02:00
Nicholas J. Parks
13a2661cb2 modifications to README for GKE-Docker 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
2729486c24 make sure there are new lines at the end of these files 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
9990023d98 A Whole bunch of readme edits 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
a10d926859 Misc Text updates 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
8c0abe06b8 Horrible Murican! Grammar and spelling… 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
6206aa84b2 Markdown 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
086e674bf4 A Whole bunch of readme 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
70625ff5a2 Add Google Cloud Platform Initial Seed Items 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
fedd2b1be6 arbitrary difference between code commit and GitHub…really arbitrary 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
284c05ee29 change to use GitHub instead of code commit 2017-05-21 16:04:49 +02:00
Nicholas J. Parks
c3d18d5582 initial add of cloudformation for platform seeding purposes 2017-05-21 16:04:49 +02:00
Ryan Canty
fbb389a7b4 Updated the instructions for running on Docker 
- Removed unnecessary white space
- Included the instructions for what path in the URL to go to once the
	app starts
- Added instructions for different types of docker use (boot2docker,
	etc)
 2017-05-21 16:01:03 +02:00
Nanne Baars
0ad1f0d147 Fixing Travis issues while building 2017-05-21 13:28:29 +02:00
Nanne Baars
2b2451dd9c testing with Travis dirs 2017-05-21 13:10:52 +02:00
Nanne Baars
50795d9ded testing with Travis dirs 2017-05-21 13:06:00 +02:00
Nanne Baars
edea515564 Test failed due to hardcoded path 2017-05-21 12:46:10 +02:00
Nanne Baars
877de6ebd4 Updated XXE lessons with challenge screens 2017-05-21 12:24:42 +02:00
Nanne Baars
cb9503d4a3 Upgraded to Spring Boot 1.5.3 2017-05-21 11:04:13 +02:00
Nanne Baars
6f0f71b131 Changed XXE lessons to use photo comment example 2017-05-04 06:25:11 +02:00
Nanne Baars
05f6fb226f Removed challenges from pom.xml 2017-05-04 03:05:47 +02:00
Nanne Baars
8d3c251d04 Merge branch 'challenge' into develop 
Conflicts:
	webgoat-container/src/main/resources/static/css/main.css
 2017-05-04 03:02:00 +02:00
Nanne Baars
4a061f61a6 Integrated XXE assigment from CTF to XXE lesson 2017-05-04 02:25:56 +02:00
Nanne Baars
d25f71532b Moved challenge 4 to challenge 6 and introduced new sql injection challenge 5 2017-05-03 17:30:49 +02:00
Jason White
e656d30b7e hint updates 2017-05-11 10:44:26 +01:00
Jason White
9cd5f101d4 challenge 1 hint update 2017-05-11 09:05:01 +01:00
Nanne Baars
ff89daf987 Moved challenge 4 to challenge 6 and introduced new sql injection challenge 5 2017-05-03 14:34:15 +02:00
Jason White
4baceeb98b challenge 1 hint update 2017-05-11 08:57:16 +01:00
Jason White
08e7916b39 polling updates, including banner for appseceu 2017-05-10 16:15:38 +01:00
Nanne Baars
cae937c83e Updated menu item for challenges 2017-05-03 11:51:24 +02:00
Jason White
c7c664ad4a polling for scoreboard added (appseceu) 2017-05-10 15:28:07 +01:00
Nanne Baars
a676fffc4e Added Gatling performance testing 2017-05-03 09:40:57 +02:00
Jason White
328cd9bf24 For quick reloading/restart via intelliJ during dev 2017-05-10 13:08:27 +01:00
Jason White
118079233d hints view fix. still a redundant call issue, but logging separately 2017-05-10 13:08:27 +01:00
Nanne Baars
194a327ad5 Fixed issue when restarting the lesson the menu was not updated (the marker stayed behind) 
Also restarting the lesson was not persisted
 2017-05-03 05:08:00 +02:00