WebGoat

Author	SHA1	Message	Date
Jason	91d9db5f80	work-arounds, fixes for page initialization and some clean-up	2018-05-23 13:35:51 +02:00
pjhggns	6a5ca43e7e	Strip out slash-escaped JSON sequence received in client. The server will slash-escape some JSON related characters before sending. Need to strip them out before using, on the client side.	2018-05-02 22:21:22 +02:00
miig	9aa674e326	stringfy object so it's visible in the console	2018-05-02 22:04:25 +02:00
Nanne Baars	6b4a488c8c	Users shared now between WebGoat and WebWolf by starting HSQLDB as standalone database	2018-05-01 22:00:07 +02:00
Nanne Baars	11ffa5702c	Added "WebWolf" enabled to the lessons which support the usage of WebWolf	2018-04-29 15:02:19 +02:00
Nanne Baars	e4ca0c4836	Make report working again	2018-04-27 19:26:01 +02:00
Nanne Baars	e422da4c64	Polling for lesson updates (updates the menu and page navigation)	2018-04-27 18:50:13 +02:00
Nanne Baars	245ba2c3d1	Fix XXE lesson, the exact .webgoat directory including version number will be put in the lesson.	2018-04-24 20:44:05 +02:00
nbaars	98efc1235f	By default binds to ALL network interfaces #431	2018-01-29 15:32:02 +01:00
nbaars	04ccf9a422	New release should create a new webgoat directory with version tag inside #423	2018-01-21 17:46:43 +01:00
nbaars	05d8b590f3	Merge tag '8.0.0' into develop Release 8.0.0	2017-12-30 16:52:24 +01:00
nbaars	c6e86861fe	Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.	2017-12-29 22:12:21 +01:00
Nanne Baars	157b982394	successFunction and failureFunction were selected by using the main form (so the succesFunction of the first assignment was used for the next assignment) not the currentForm we determined in onFormSubmit() function.	2017-11-17 07:06:56 +01:00
Nanne Baars	6c91e7dc8a	Fixed WebWolf issues with sending e-mails	2017-11-15 11:58:31 +01:00
Nanne Baars	8729d9bfcf	Fixed minor issues for properties and starting WebGoat	2017-11-02 12:42:19 +01:00
Jason	24cf806787	more hints/helps cleanup	2017-10-25 18:05:08 -06:00
Jason	c6f1c5cd2a	#351 - using listenToOnce to get rid of redundant calls	2017-10-25 17:11:54 -06:00
Nanne Baars	3ee1a1ca16	Travis now builds Docker and create a Github release. Removed ActiveMQ between WebGoat and WebWolf they now act as standalone applications	2017-10-18 10:54:16 +02:00
Nanne Baars	5033c3661a	Cleaning up test case logging	2017-10-08 02:07:22 +02:00
Nanne Baars	8a982dedb5	Updated XXE lesson so it also uses WebWolf	2017-10-07 13:46:34 +02:00
Nanne Baars	46c536554c	- Added new challenges - Added new webapplication called WebWolf to make attacks more realistic - Added WebWolf lesson to explain the concepts behind this new application	2017-09-12 23:12:10 +02:00
Jason White	b41751a55c	missing function level ac working again ... after VM implosion	2017-08-08 17:15:20 -06:00
Jason White	8df1d53471	interim missing function ac commit, traversing dev. env.	2017-08-08 09:28:09 -06:00
Jason White	f1a104f0ab	merging missing function-level-ac lesson	2017-07-25 09:44:10 -04:00
Jason White	8186bd4766	css and xss updates	2017-07-24 18:05:57 -04:00
Jason White	ca4b0c06b5	lesson css file	2017-07-24 11:34:10 -04:00
Jason White	0cb4faf15f	refactor to support cleaner scoping && success and failure callbacks	2017-07-18 17:39:58 -04:00
Jason White	fb65534355	Merging from 'injection-updates' into local develop branch	2017-07-03 15:22:02 -04:00
Jason White	2e4e4ea716	including restart lesson fix for lesson overview	2017-07-03 12:37:15 -04:00
Jason White	daaf361dd2	Lesson Overview updates	2017-07-03 12:14:01 -04:00
Jason White	89e2fc109c	Work-around to handle special chars in action ... currently to be able to match {userId} in hint creation/assignment for IDOR	2017-06-27 10:24:38 -04:00
Jason White	dd18e68660	merge of upstream, conflict resolution	2017-06-27 08:30:58 -04:00
Nanne Baars	7809057208	Enabled the challenges again to make them visible for everybody who starts WebGoat	2017-06-15 23:38:04 +02:00
Nanne Baars	52a48df70c	XXE successfully completed message was no longer shown, fixed it by using form POST together with customjs functions. Introduced callback functionality which you can specify after the posting in order to be able to load the comments list again.	2017-06-12 15:08:55 +02:00
Nanne Baars	0ad1f0d147	Fixing Travis issues while building	2017-05-21 13:28:29 +02:00
Nanne Baars	2b2451dd9c	testing with Travis dirs	2017-05-21 13:10:52 +02:00
Nanne Baars	50795d9ded	testing with Travis dirs	2017-05-21 13:06:00 +02:00
Nanne Baars	877de6ebd4	Updated XXE lessons with challenge screens	2017-05-21 12:24:42 +02:00
Jason White	feead6b740	initial cut on XSS, need to add some tests still	2017-05-18 14:41:14 -04:00
Nanne Baars	8d3c251d04	Merge branch 'challenge' into develop Conflicts: webgoat-container/src/main/resources/static/css/main.css	2017-05-04 03:02:00 +02:00
Jason White	08e7916b39	polling updates, including banner for appseceu	2017-05-10 16:15:38 +01:00
Jason White	c7c664ad4a	polling for scoreboard added (appseceu)	2017-05-10 15:28:07 +01:00
Jason White	328cd9bf24	For quick reloading/restart via intelliJ during dev	2017-05-10 13:08:27 +01:00
Jason White	118079233d	hints view fix. still a redundant call issue, but logging separately	2017-05-10 13:08:27 +01:00
Nanne Baars	194a327ad5	Fixed issue when restarting the lesson the menu was not updated (the marker stayed behind) Also restarting the lesson was not persisted	2017-05-03 05:08:00 +02:00
Jason White	6fbd8457c1	update for width .. FF fix	2017-05-02 10:02:42 -04:00
Jason White	480dfe6a0a	scoreboard v 0.1 we'll say	2017-05-05 13:12:01 -04:00
Jason White	aeaa3cd1a2	removing template cruft from other lesson	2017-05-05 09:59:59 -04:00
Nanne Baars	454e8d4c14	Solving an assignment twice adds its again which breaks the UI because the endpoint for lessonoverview returns mulitple values for the same assignment.	2017-05-02 04:38:30 +02:00
Jason White	b840b0f3b5	additional support for scoreboard view	2017-05-02 22:24:31 -04:00

1 2 3 4

154 Commits