dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,763 Commits 11 Branches 78 Tags
Commit Graph

1763 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nanne Baars
839bdbd9e2 Forgot uncommenting Docker login command in script 2017-10-18 12:19:41 +02:00
Nanne Baars
42775c1980 Adding apt-get install of curl to Dockerfile 2017-10-18 12:07:56 +02:00
Nanne Baars
9e37a3e702 Adding Docker as service 2017-10-18 11:54:05 +02:00
Nanne Baars
3ee1a1ca16 Travis now builds Docker and create a Github release. 
Removed ActiveMQ between WebGoat and WebWolf they now act as standalone applications
 2017-10-18 10:54:16 +02:00
Nanne Baars
50543a9b55 Cleaning up test case logging 2017-10-13 23:14:47 +02:00
misfir3
994b181b8f Merge pull request #393 from misfir3/develop 
Typo fix for CSRF content
 2017-10-13 10:34:40 -06:00
Jason White
49c3008fe2 Typo fix for CSRF content 2017-10-13 10:33:38 -06:00
misfir3
0fd704bb54 Merge pull request #392 from misfir3/develop 
Image Cleanup for Http Proxies
 2017-10-13 10:18:33 -06:00
Jason White
9e66ee177d Image Cleanup for Http Proxies 2017-10-13 10:13:07 -06:00
misfir3
09742323b3 Merge pull request #391 from misfir3/develop 
xss updates
 2017-10-13 09:56:22 -06:00
misfir3
4e7034f6c1 Merge pull request #390 from misfir3/develop 
csrf lesson update
 2017-10-13 09:52:41 -06:00
Jason White
f9a43d0961 xss updates 2017-10-13 09:52:19 -06:00
Jason White
8d488c6ac6 More CSRF Updates 2017-10-13 09:28:41 -06:00
Jason White
b03a32f92c update to do CSRF-based comment forging 2017-10-12 18:17:48 -06:00
Jason White
d0ec84e9a6 Merge remote-tracking branch 'upstream/develop' into develop 2017-10-11 20:29:47 -06:00
Jason White
17e122b914 adding .DS_Store to .gitignore 2017-10-11 20:28:36 -06:00
Jason White
b156d81535 Initial cut on CSRF. More to come 2017-10-11 20:06:57 -06:00
Nanne Baars
5033c3661a Cleaning up test case logging 2017-10-08 02:07:22 +02:00
Nanne Baars
6cb526aa43 Maven build generates too much output for Travis CI 2017-10-08 01:58:03 +02:00
Nanne Baars
14b188597a Maven build generates too much output for Travis CI 2017-10-07 19:27:53 +02:00
Nanne Baars
8a982dedb5 Updated XXE lesson so it also uses WebWolf 2017-10-07 13:46:34 +02:00
Nanne Baars
94caba7eb1 Landing page incoming requests now look whether the referer is WebGoat (all incoming requests from WebGoat will now be logged) 2017-09-13 00:22:52 +02:00
Nanne Baars
109fe2c438 Added WebWolf to Docker 2017-09-12 23:44:32 +02:00
Nanne Baars
46c536554c - Added new challenges 
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
 2017-09-12 23:12:10 +02:00
Nanne Baars
56f19caed6 #380 Download mongodb while building the Docker image. If you are behind a proxy (or no connection) during the start of WebGoat you might not be able to download the mongodb binary. 2017-08-15 08:15:44 +02:00
misfir3
6a440a93c0 Merge pull request #379 from misfir3/missing-function-level-ac 
Missing function level ac
 2017-08-09 00:29:31 -06:00
Jason White
ec2ab55749 fixing test directory structure 2017-08-09 00:24:04 -06:00
Jason White
2463f534b5 Formatting and bumping file in test dir 2017-08-09 00:19:34 -06:00
misfir3
51c9363162 Merge pull request #378 from misfir3/missing-function-level-ac 
Missing function level ac
 2017-08-09 00:10:22 -06:00
Jason White
8f740ace73 additional tests, one fix 2017-08-08 23:56:43 -06:00
Jason White
476ab415a4 More tests for AC lesson 2017-08-08 18:47:49 -06:00
Jason White
b8d17a1cfd Basic endpoint tests added 2017-08-08 18:06:18 -06:00
Jason White
b41751a55c missing function level ac working again ... after VM implosion 2017-08-08 17:15:20 -06:00
Jason White
8df1d53471 interim missing function ac commit, traversing dev. env. 2017-08-08 09:28:09 -06:00
Jason White
06bf690a3a Merge remote-tracking branch 'upstream/develop' into develop 2017-08-02 19:12:29 -04:00
Jason White
10e5edbc36 temp. removal of offending UT 2017-08-02 19:06:55 -04:00
Nanne Baars
49621c637f Upgraded to latest in memory MongoDB (due to download link no longer working) 2017-07-26 05:07:15 +02:00
Nanne Baars
0b92a57f77 WebGoat no longer runs as root in the Docker container. 2017-07-26 05:06:40 +02:00
Nanne Baars
b06fb72a74 Fixed typo 2017-07-25 17:41:37 +02:00
Jason White
f1a104f0ab merging missing function-level-ac lesson 2017-07-25 09:44:10 -04:00
Jason White
8186bd4766 css and xss updates 2017-07-24 18:05:57 -04:00
Jason White
c44186f986 start of missing function ac lesson 2017-07-24 16:26:23 -04:00
Jason White
ca4b0c06b5 lesson css file 2017-07-24 11:34:10 -04:00
misfir3
c87f75ed18 Merge pull request #375 from misfir3/develop 
Minor Updates to Categories and IDOR hints
 2017-07-19 16:45:38 -04:00
Jason White
fc05a68ef7 update to IDOR hints 2017-07-19 16:00:10 -04:00
Jason White
dce962bdeb Updating Category ordering, closer to T10 2017-07-19 15:54:50 -04:00
Paul Moreno
8a2499c56a Update to README.MD (#372) 
Providing instructions on how to change listening IP address.
 2017-07-19 09:55:10 -04:00
Jason White
9e1e4c1d2a Merge remote-tracking branch 'upstream/develop' into auth-bypass 2017-07-19 08:58:24 -04:00
Jason White
b57cfd06b1 Started testing. Having issues, but commiting stubs and making ticket to return 2017-07-19 08:56:48 -04:00
Jason White
89bfc3f12d fixing image 2017-07-18 17:54:50 -04:00