dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,677 Commits 11 Branches 78 Tags
Commit Graph

76 Commits

Author SHA1 Message Date
Nanne Baars
ac4b06f11b Move enabling security to WebGoat core and add resetting the lessons. 
We can use it for more lessons and showcase how to apply security directly from the source code.

Resolves: #1176
 2021-12-20 16:45:06 +01:00
Àngel Ollé Blázquez
5107e111bf test url fix 2021-11-19 13:07:49 +01:00
Àngel Ollé Blázquez
dd2e9f074d Hijack Session Lesson 2021-11-19 13:07:49 +01:00
Nanne Baars
3ad51e6d6b Rewrite lesson to be self-contained and not depend on the core of WebGoat for fetching users 
Split the assignment into 2 assignments
 2021-11-16 16:32:43 +01:00
Nanne Baars
ff67ee6484
Update to correct version 2021-10-04 14:40:19 +02:00
Àngel Ollé Blázquez
dfa0e1cdca XSS Lesson one boolean response 
Signed-off-by: Àngel Ollé Blázquez <angel@olleb.com>
 2021-10-02 01:09:52 +02:00
Nanne Baars
14a6efedf3 Add extra documentation for using the correct algorithm but removing the signature. 2021-09-29 15:21:09 +02:00
Nanne Baars
04d1293a33
#1045: Run build with Java 16 2021-09-23 16:09:28 +02:00
Nanne Baars
60bd04b9aa
Move to snapshot version 2021-07-29 11:13:16 +03:00
Nanne Baars
1381daf06e
Fix zip slip issue on Windows 2021-05-24 16:12:15 +02:00
Nanne Baars
a641a19615
Add zip slip to path traversal lesson 2021-05-23 21:18:56 +02:00
Nanne Baars
69a370f438
New release, updating pom.xml 2021-05-23 20:11:23 +02:00
René Zubcevic
a53ba0af5c
Fix for accidentally disabled integration tests (#997) 
* drop column is no longer required due to better db seperation
'

* integration test fix with BeforeAll
 2021-05-19 18:20:31 +02:00
Nanne Baars
b3f7a5338e Update to latest versions 2021-04-03 10:58:22 +02:00
Nanne Baars
1c6de07a54 Move integration test to JUnit 5 2021-03-31 19:31:13 +02:00
Nanne Baars
ae6d448aa0 Replace ${revision} with real version as Maven 
The CI pipeline should take care of this.
 2021-03-31 19:31:13 +02:00
webgoat-github
b8bdb8f432 Updating to the new development version 2021-03-30 14:05:26 +00:00
Nanne Baars
935871c39a Add some debugging information to know which test cases might have failed 2021-03-29 07:30:03 +02:00
Nanne Baars
68a53bc5dc Fix failing test Windows it fails with a much lower number 2021-03-29 07:30:03 +02:00
Nanne Baars
5a16ea514a Fix quiz 2021-03-15 17:48:13 +01:00
Nanne Baars
d4da2d0efa Convert lesson into using DB instead of using regular expression to check the solution 2021-03-15 17:48:13 +01:00
Nanne Baars
c798e4be32 Fix JWT integration tests 2021-03-15 17:48:13 +01:00
Nanne Baars
1ebd50cb5b WIP 2021-03-15 17:48:13 +01:00
René Zubcevic
431da30946
Selenium test added (#906) 
* add a selenium test for firefox

* add geckodriver and firefox to travis

* install updated

* install updated

* try out suggested webdriver dependency class

* add more resilience
 2021-02-21 19:57:08 +01:00
René Zubcevic
bce4c775bf initial idea for explanation on static code analysis and experience of the fix 2020-12-09 19:40:16 +01:00
René Zubcevic
8bed91a8dc
improved threading and logic based on number of calls and number of tests (#910) 2020-12-08 16:03:36 +01:00
René Zubcevic
89f43229ab
upgrade springboot version and some related unit test fixes (#904) 
* upgrade springboot version and some related unit test fixes

* removed log for test

* removed junit version property
 2020-11-28 17:35:55 +01:00
René Zubcevic
574039902d changed version to snapshot version and introduced revision parameter 
for it
 2020-11-27 12:15:19 +01:00
Nanne Baars
753a2db958 #846: add extra test to verify whether the solution is solved for the original user as well 2020-11-04 20:35:05 +01:00
René Zubcevic
2d2dc22e19 first step 2020-07-09 19:21:42 +02:00
René Zubcevic
317573c897
Small fixes june 2020 (#857) 
* issue 849

* another integration test for a challenge

* fixing issue 848

* updated link for issue 833

* fix for 847
 2020-07-08 19:26:09 +02:00
Nanne Baars
39740e069e New release 2020-05-22 14:10:31 +02:00
René Zubcevic
c4a046bd12
Ch1 less default (#814) 
* random pincode in challenge1

* unit test fix
 2020-05-12 08:49:48 +02:00
René Zubcevic
f520c3589c
flag submission fixed (#812) 2020-05-07 11:04:00 +02:00
René Zubcevic
832d6432fc
fix for JWT green button and WebWolf intro green button and added jwt int tests (#808) 2020-05-07 08:28:45 +02:00
René Zubcevic
f4838e1233 add int test for acl 2020-05-01 09:15:29 +02:00
René Zubcevic
9dea696c4c
added int test for IDOR and fixed green button issue (#801) 2020-04-29 12:12:11 +02:00
René Zubcevic
58bc94d1f6 fix green buttons 2020-04-22 16:37:00 +02:00
Nanne Baars
0015394582 Fix typo 2020-04-19 15:42:50 +02:00
Nanne Baars
407e19638f Add two more assignments for SQL injection where only filtering is applied. 2020-04-19 15:42:50 +02:00
René Zubcevic
9509993a8f
all tests complete for Password Reset (#785) 2020-04-17 15:54:24 +02:00
René Zubcevic
e25f7a7560 clean up and update js 2020-04-08 12:05:01 +02:00
René Zubcevic
c4ae9ae2ab migrate to JUnit 5 code 2020-04-06 16:02:15 +02:00
Nanne Baars
14022d88c9 Last assignment now filters out .. and / so encoding plays a role now 2020-03-10 08:03:48 +01:00
Nanne Baars
b3840e60e3 Fix lessons 2020-03-10 08:03:48 +01:00
Nanne Baars
6c25cf8e43 Add path traversal lesson 2020-03-10 08:03:48 +01:00
René Zubcevic
4e371b63d0
suppressing some useless log messages and banners in unit tests (#752) 
* suppressing some useless log messages and banners in unit tests

* some more log suppressed
 2020-01-25 12:11:45 +01:00
René Zubcevic
f79ad452d2 password reset support for using www.webwolf.local 2019-12-23 17:08:33 +01:00
René Zubcevic
59076fc9ef adjusted WebWolfMacro 2019-12-23 17:08:33 +01:00
René Zubcevic
b5e5dd1d13
Crypto lesson (#712) 
* crypto lesson added

* signing assignment

* integration test added for signing assignment

* added more hints

* corrections after rebase

* added some explanation

* added security defaults assignment
 2019-11-23 21:52:14 +01:00