dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,839 Commits 11 Branches 78 Tags
Commit Graph

36 Commits

Author SHA1 Message Date
Nanne Baars
f30db3abfc New version number 2018-04-11 20:45:12 +02:00
nbaars
c6e86861fe Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information. 2017-12-29 22:12:21 +01:00
Nanne Baars
f91f77708a New version 2017-11-02 21:44:30 +01:00
Nanne Baars
87a7521dcd Adding introduction to WebGoat as the web interface opens with WebWolf which is confusing because people thought you needed to download WebWolf and start it directly. Feedback received during workshops 2017-11-02 14:28:20 +01:00
Nanne Baars
1ecb43092d Bumped version number 2017-10-18 19:58:14 +02:00
Nanne Baars
8250b4048f Updating version number 2017-10-18 19:43:33 +02:00
Jason White
d0ec84e9a6 Merge remote-tracking branch 'upstream/develop' into develop 2017-10-11 20:29:47 -06:00
Jason White
b156d81535 Initial cut on CSRF. More to come 2017-10-11 20:06:57 -06:00
Nanne Baars
46c536554c - Added new challenges 
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
 2017-09-12 23:12:10 +02:00
Jason White
c44186f986 start of missing function ac lesson 2017-07-24 16:26:23 -04:00
Jason White
ce7c271bb5 initial cut on auth-bypass lesson 2017-07-18 15:59:46 -04:00
Jason White
ccb4e3813b #353 - lesson template/guide 2017-06-23 14:46:09 -04:00
Michal Smolík
870fa000aa bypass front-end restrictions (javascript validation) 2017-06-13 10:09:39 +02:00
Michal Smolík
01421ca822 html restrictions lesson 2017-06-13 10:09:39 +02:00
Michal Smolík
007cdaa0d8 insecure login lesson 2017-06-13 10:09:39 +02:00
Nanne Baars
877de6ebd4 Updated XXE lessons with challenge screens 2017-05-21 12:24:42 +02:00
Nanne Baars
259fd19c1b - Introduced user registration 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
 2017-03-22 11:35:14 +01:00
Nanne Baars
9b86aaba05 Adding challenge 2017-03-22 00:09:17 +01:00
Nanne Baars
f71d02fc6a Merge branch 'develop' into develop 2017-03-02 21:24:09 +01:00
Nanne Baars
2d6235e4f0 Provide Server-side service to support UI localization #265 
- Now also enabled for adoc
 2017-03-02 21:17:21 +01:00
Jason White
d99a1d8448 temp. dep. mgmt resolution 2017-02-17 14:53:23 -05:00
Nanne Baars
8d3b028acc Solved issue with POST in vulnerable components lesson 2017-02-07 23:38:57 +01:00
mayhew64
85ef7ee1a4 Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-06 09:19:29 -05:00
Nanne Baars
d25700434e Added tests for assignments 2017-01-31 23:28:59 +01:00
mayhew64
fbd37b39bd Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-01-28 11:05:16 -05:00
mayhew64
a564ff2038 adding in Vulnerable Components lesson 2017-01-28 10:59:44 -05:00
Jason White
2b31a19143 #319 2017-01-27 15:39:31 -05:00
Jason White
65eaa934ea Initial/partial commit of IDOR lesson 2017-01-05 17:30:53 -05:00
Nanne Baars
b8b632905d Fixing failing unit test 2016-12-08 22:06:21 +01:00
mayhew64
95607089d4 First draft at XSS 2016-11-21 13:39:43 -05:00
Nanne Baars
f698a2d6ae XXE first attempt 2016-11-17 16:27:41 +01:00
Nanne Baars
640e3ffb4e mvn clean should also clean lesson jar files added .webgoat directory as well 2016-11-15 18:12:29 +01:00
mayhew64
abcc6c4dcb SQL Injection - it's broken 2016-11-15 07:11:24 -05:00
Nanne Baars
89a717bbd2 Clean up and introduced Spring Dev tools to automatically reload classes. 2016-10-30 15:13:32 +01:00
Nanne Baars
b8992bdc0e Spring Boot reload automatically enabled 2016-10-16 10:38:14 -04:00
Nanne Baars
c72e8df532 Moved lessons to this project. 2016-10-13 12:09:01 -04:00