dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,362 Commits 11 Branches 78 Tags
9b72610510ae9d62e09ebc3b61002a5b6d5415b3
Commit Graph

582 Commits

Author SHA1 Message Date
Nanne Baars
1a854a500e Lesson overview 2016-11-29 20:27:54 +01:00
Jason White
e183c8d8b3 implementing support for dom xss 2016-11-23 17:25:47 -05:00
Nanne Baars
5347311319 XXE last assignment completely working 2016-11-23 17:09:35 +01:00
Nanne Baars
c80bfcbc2f First checkin for CSRF 
(cherry picked from commit a01a767)
 2016-11-23 17:09:35 +01:00
Jason White
4940a12d0d button size fix 2016-11-22 16:25:19 -05:00
mayhew64
32d1009390 Reflected xss working - still have to think how to get the success criteria. Page needs some work though 2016-11-21 23:09:58 -05:00
Bruce Mayhew
edaadecc38 Merge pull request #286 from WebGoat/feature/spring-boot 
First draft at XSS
 2016-11-21 18:37:53 -05:00
Jason White
2647722842 fixing typo 2016-11-21 13:50:21 -05:00
mayhew64
95607089d4 First draft at XSS 2016-11-21 13:39:43 -05:00
Nanne Baars
f2a114419a XXE checkin 2016-11-18 10:39:39 +01:00
Nanne Baars
38e5999472 XXE checkin 2016-11-17 17:36:17 +01:00
Nanne Baars
f698a2d6ae XXE first attempt 2016-11-17 16:27:41 +01:00
Nanne Baars
6d45bbc09c HTTP-Basics mark lesson complete issue fixed 2016-11-17 15:00:54 +01:00
Jason White
b5fd52e908 refactor to help accomodate multiple attacks and output in one 'page' 2016-11-17 08:06:06 -05:00
mayhew64
507a4cfbdb few cleanup items, added least privilege 2016-11-16 17:56:29 -05:00
mayhew64
f091e21c60 Fixed test for password 2016-11-16 16:18:22 -05:00
mayhew64
29447a11b4 First wave is complete; some rendering issues 2016-11-16 13:41:51 -05:00
mayhew64
24b2e79dc5 Trying to wire up the DB connection and fill out first sql stub 2016-11-15 22:40:24 -05:00
mayhew64
0285bf96a7 another stub 2016-11-15 19:39:23 -05:00
mayhew64
67adddbffc Merge branch 'feature/spring-boot' of https://github.com/WebGoat/WebGoat into feature/spring-boot 2016-11-15 19:38:26 -05:00
mayhew64
8b6ad92aea First round of sql injection with stubs 2016-11-15 19:37:11 -05:00
Nanne Baars
6b9e9db4aa #272 Fix lesson client side filtering 
- Endpoint now returns proper json and no longer uses ecs.
 2016-11-15 22:41:59 +01:00
Nanne Baars
640e3ffb4e mvn clean should also clean lesson jar files added .webgoat directory as well 2016-11-15 18:12:29 +01:00
Nanne Baars
44f5c60e78 #272 Fix lesson client side filtering 2016-11-15 17:38:10 +01:00
mayhew64
00f0ee8942 Fixed imports 2016-11-15 07:26:17 -05:00
mayhew64
dad7bdba92 Merge branch 'feature/spring-boot' of https://github.com/WebGoat/WebGoat into feature/spring-boot 2016-11-15 07:11:43 -05:00
mayhew64
abcc6c4dcb SQL Injection - it's broken 2016-11-15 07:11:24 -05:00
Nanne Baars
5babe19f2b Fixed issue with lesson tracking 2016-11-15 09:28:39 +01:00
Nanne Baars
0bec575913 Moving forward cleaning up some unnecessary lesson super classes which we 
do not need to support anymore in 8.0:

- Introduced DI thoughout the code base
- Removed most superclasses of a lesson
- Hammerhead is now simplified to only one line of code
- Cleaned up WebSession
- Removed code which dealt with user roles, lesson fetching, username etc
- LessonTracker improvements
- Removed almost all code from the Screen class
- Removed ECS from the container project
- Removed adminstration pages, contained a lot of ECS codes which is much
  simpler to just rewrite when necessary
 2016-11-06 21:09:47 +01:00
Nanne Baars
89a717bbd2 Clean up and introduced Spring Dev tools to automatically reload classes. 2016-10-30 15:13:32 +01:00
Nanne Baars
b8992bdc0e Spring Boot reload automatically enabled 2016-10-16 10:38:14 -04:00
Nanne Baars
c72e8df532 Moved lessons to this project. 2016-10-13 12:09:01 -04:00