|
|
921561cf32
|
mitigation content update ... 2
|
2017-06-27 11:33:39 -04:00 |
|
|
|
ebb851b361
|
mitigation content update
|
2017-06-27 11:28:16 -04:00 |
|
|
|
296723508b
|
IDOR hints updated
|
2017-06-27 10:26:22 -04:00 |
|
|
|
dd18e68660
|
merge of upstream, conflict resolution
|
2017-06-27 08:30:58 -04:00 |
|
|
|
3a9bb946ed
|
update for XXE solutions
|
2017-06-27 08:27:06 -04:00 |
|
|
|
3ec5b8708e
|
clean up of unneeded stuff in pom
|
2017-06-23 14:46:40 -04:00 |
|
|
|
ccb4e3813b
|
#353 - lesson template/guide
|
2017-06-23 14:46:09 -04:00 |
|
|
|
edceba73fe
|
- Added testcases for bypassing frontend validation.
- Improved layout of the lesson
- Fixed JavaScript issues with 'let'
|
2017-06-16 01:16:31 +02:00 |
|
|
|
bf210de013
|
Added testcase for SQL lesson 6b
|
2017-06-16 00:33:02 +02:00 |
|
|
|
e808abd504
|
Added testcase for SQL lesson 6a
|
2017-06-16 00:23:40 +02:00 |
|
|
|
f1fd214580
|
Added more testcases for the SQL lesson 12
|
2017-06-15 23:49:03 +02:00 |
|
|
|
7809057208
|
Enabled the challenges again to make them visible for everybody who starts WebGoat
|
2017-06-15 23:38:04 +02:00 |
|
|
|
36ad73c800
|
Added more mitigations for XXE
|
2017-06-15 23:36:51 +02:00 |
|
|
|
a484467419
|
Adding extra lesson for order by clauses
|
2017-06-15 19:08:19 +02:00 |
|
|
|
ee912f734b
|
Added SQL injection from challenge to lesson and added content for a blind sql injection
|
2017-06-15 19:08:19 +02:00 |
|
|
|
0740c4ba95
|
Split large SQL lesson
|
2017-06-15 19:08:19 +02:00 |
|
|
|
b048988d2f
|
Changed layout of the html tampering lesson and fixed some JavaScript issues. Added a small mitigation page.
Moved the lessons concerning client side validation to client side category
|
2017-06-13 03:22:19 +02:00 |
|
|
|
09d8fef50e
|
Merge branch 'develop' of github.com:WebGoat/WebGoat into develop
|
2017-06-12 20:02:30 +02:00 |
|
|
|
870fa000aa
|
bypass front-end restrictions (javascript validation)
|
2017-06-13 10:09:39 +02:00 |
|
|
|
01421ca822
|
html restrictions lesson
|
2017-06-13 10:09:39 +02:00 |
|
|
|
007cdaa0d8
|
insecure login lesson
|
2017-06-13 10:09:39 +02:00 |
|
|
|
99f75a835c
|
#359 Fixed
|
2017-06-12 20:02:21 +02:00 |
|
|
|
52a48df70c
|
XXE successfully completed message was no longer shown, fixed it by using form POST together with customjs functions.
Introduced callback functionality which you can specify after the posting in order to be able to load the comments list again.
|
2017-06-12 15:08:55 +02:00 |
|
|
|
19a4859e4f
|
Fix hint not being display correctly due to missing escaping
|
2017-06-12 13:03:14 +02:00 |
|
|
|
06a3f5d189
|
http-proxies updates
|
2017-06-09 15:33:21 -04:00 |
|
|
|
2305d355c7
|
isEncoded and isNotEncoded Unit Tests added
|
2017-05-25 19:36:02 -04:00 |
|
|
|
31548b9c57
|
Additional Unit Testing
|
2017-05-24 17:12:28 -04:00 |
|
|
|
e733131241
|
Stubs for security unit test
|
2017-05-24 13:12:36 -04:00 |
|
|
|
a9e5dd645d
|
comment, clean up
|
2017-05-22 20:10:03 -04:00 |
|
|
|
129e9deba9
|
Added testcase for SQL injection lesson
|
2017-05-21 16:40:52 +02:00 |
|
|
|
0ad1f0d147
|
Fixing Travis issues while building
|
2017-05-21 13:28:29 +02:00 |
|
|
|
edea515564
|
Test failed due to hardcoded path
|
2017-05-21 12:46:10 +02:00 |
|
|
|
877de6ebd4
|
Updated XXE lessons with challenge screens
|
2017-05-21 12:24:42 +02:00 |
|
|
|
a5b4aeaa76
|
updating header comment license thingy
|
2017-05-20 21:49:40 -04:00 |
|
|
|
857f09df14
|
initial unit tests for assignment endpoints
|
2017-05-20 21:17:02 -04:00 |
|
|
|
feead6b740
|
initial cut on XSS, need to add some tests still
|
2017-05-18 14:41:14 -04:00 |
|
|
|
6f0f71b131
|
Changed XXE lessons to use photo comment example
|
2017-05-04 06:25:11 +02:00 |
|
|
|
4a061f61a6
|
Integrated XXE assigment from CTF to XXE lesson
|
2017-05-04 02:25:56 +02:00 |
|
|
|
d25f71532b
|
Moved challenge 4 to challenge 6 and introduced new sql injection challenge 5
|
2017-05-03 17:30:49 +02:00 |
|
|
|
e656d30b7e
|
hint updates
|
2017-05-11 10:44:26 +01:00 |
|
|
|
9cd5f101d4
|
challenge 1 hint update
|
2017-05-11 09:05:01 +01:00 |
|
|
|
ff89daf987
|
Moved challenge 4 to challenge 6 and introduced new sql injection challenge 5
|
2017-05-03 14:34:15 +02:00 |
|
|
|
4baceeb98b
|
challenge 1 hint update
|
2017-05-11 08:57:16 +01:00 |
|
|
|
5508a08e20
|
small UI improvement
|
2017-05-03 03:33:49 +02:00 |
|
|
|
97e84ae872
|
Adding assignment class for challenge 5
|
2017-05-03 03:30:06 +02:00 |
|
|
|
6909d13ecb
|
Fixed challenge 1
|
2017-05-03 03:16:07 +02:00 |
|
|
|
4f561fc377
|
Added testcases for challenge 2 and 5
|
2017-05-03 02:47:17 +02:00 |
|
|
|
efe5ca4b4d
|
http-proxies update for AppSecEU challenge
|
2017-05-09 15:07:56 +01:00 |
|
|
|
f6d7016b96
|
typo fix
|
2017-05-09 15:07:56 +01:00 |
|
|
|
6184a05c15
|
Fix challenge 1 testcase
|
2017-05-02 23:37:37 +02:00 |
|
