dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,140 Commits 11 Branches 78 Tags
Commit Graph

2140 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthias Grundmann
c7da546249 Improve text for lesson about CSRF login 2018-06-16 17:52:18 +02:00
misfir3
a41ff0083c
Merge pull request #479 from misfir3/develop 
Recent updates, including Missing Function AC content & patch for Vuln Components Lesson
 2018-06-13 18:44:09 -06:00
misfir3
701a99cf8f
Merge pull request #487 from matthias-g/xssFixes 
Small lesson improvements
 2018-06-13 18:42:14 -06:00
misfir3
844808bfa7
Merge pull request #485 from matthias-g/fixSQLInjection 
Fix sql injection
 2018-06-13 18:41:05 -06:00
Matthias Grundmann
81aac93dfe
Usage base64 encoded password as expected by JJWT 2018-06-13 17:58:52 +02:00
Matthias Grundmann
e5ec2c1ee0
Fix html attribute 2018-06-13 17:56:57 +02:00
Matthias Grundmann
b0fbeaff2c
This improves the text of the lesson about XSS 2018-06-13 17:56:23 +02:00
Matthias Grundmann
b47bb96534
Update changed password in tests 2018-06-13 16:11:28 +02:00
Matthias Grundmann
3b9b695ef1 Check host header instead of origin which might not be present #475 2018-06-13 11:38:33 +02:00
Matthias Grundmann
1d2575a211 Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476 2018-06-13 11:38:33 +02:00
Matthias Grundmann
56fc983414
Update database layout so that proposed solution works 2018-06-12 17:40:28 +02:00
Matthias Grundmann
268adbcf7e
Move assignments to correct package so that hints are shown 2018-06-12 17:40:28 +02:00
Matthias Grundmann
f383454440 Fix spelling in JWT lesson 2018-06-12 11:02:51 +02:00
Matthias Grundmann
bae3e75ae2 Fix minor issues in hint view 2018-06-12 11:02:16 +02:00
Matthias Grundmann
a7b82985d4 Fix usage of JJWT API which expects base64 encoded strings as key 2018-06-12 11:01:23 +02:00
Matthias Grundmann
3d282e163c Show newest comments first 
This prevents new comments from not being displayed after a comment containing invalid html has been posted.
 2018-06-12 10:54:13 +02:00
Matthias Grundmann
7068c84c6a Fix parameter in url and some spelling 2018-06-12 10:54:13 +02:00
misfir3
0030c7bdfb
Merge pull request #480 from matthias-g/fixPageNum 
Fix next page button when url doesn't end with page number
 2018-06-07 11:27:29 -06:00
Matthias Grundmann
89f6a73275
Fix next page button when url doesn't end with page number 2018-06-07 19:07:58 +02:00
Jason White
cf0e4e40cf clean up 2018-06-05 14:36:40 -06:00
Jason White
dfd51f8b54 Merge branch 'develop' of github.com:misfir3/WebGoat into develop 2018-06-05 14:10:51 -06:00
Jason White
5e8c610fbf gke-deploy.sh 2018-06-05 14:10:29 -06:00
Jason White
71514fc39b GKE deploy script 2018-06-05 09:45:47 -06:00
Jason
1734170e9e updates to missing function ac lesson 2018-06-04 16:53:13 -06:00
Jason
c89afe6334 Merge remote-tracking branch 'upstream/develop' into develop 2018-06-01 09:54:03 -06:00
Nanne Baars
9af0054b5b Merge branch 'release/v8.0.0.M17' v8.0.0.M17 2018-05-30 20:54:18 +02:00
Nanne Baars
26aa72e721 New release 2018-05-30 20:54:13 +02:00
Nanne Baars
c510bd9bf1 New develop version 2018-05-30 20:37:25 +02:00
Nanne Baars
6bf853d953 Merge tag 'v8.0.0.M16' into develop 
New release
 2018-05-30 20:35:56 +02:00
Nanne Baars
b298440985 Merge branch 'release/v8.0.0.M16' v8.0.0.M16 2018-05-30 20:35:22 +02:00
Nanne Baars
c7a714a590 Move to next release 2018-05-30 17:05:50 +02:00
Nanne Baars
93620f148b Remove challenges which are also incorporated in the lessons themselves 2018-05-30 16:46:50 +02:00
Nanne Baars
ecb7688e08 Update to new version for develop 
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
 2018-05-30 13:17:05 +02:00
Nanne Baars
0de784eb32 Update README and simply the java command to one with optional arguments 2018-05-29 22:16:29 +02:00
Nanne Baars
4691bc5fd5 Extended proxy lesson with Edit and Resend and explained how to exclude WebGoat internal calls from proxying 2018-05-29 21:30:13 +02:00
Nanne Baars
fc2c99bcb4 Limit the username to letters and digits only 2018-05-29 16:16:52 +02:00
Nanne Baars
7292a577e3 Only do a release when we build master and have a tagged the release 2018-05-29 15:20:07 +02:00
Nanne Baars
396c1c1d47 Update order of starting WebGoat 2018-05-29 15:16:29 +02:00
Nanne Baars
2911788679 Merge tag 'v8.0.0' into develop 
Release v8.0.0
 2018-05-29 14:59:32 +02:00
Nanne Baars
985148ede3 Merge branch 'release/v8.0.0' v8.0.0 2018-05-29 14:59:07 +02:00
MaDuck
9587550bc5 Fixed column name on sql injection lesson 7 2018-05-29 14:42:22 +02:00
MaDuck
9a0995dae5 Fixed column name on sql injection lesson 6 2018-05-29 14:42:02 +02:00
Nanne Baars
4e07e0ebfa Fix links to open new browser tab 2018-05-29 14:04:33 +02:00
Nanne Baars
6e95fdfe56 Adjusted documentation 2018-05-29 13:33:52 +02:00
Nanne Baars
e045bc692d Buying page also calculates the prices 
Product image added
 2018-05-29 12:47:27 +02:00
Nanne Baars
589872ad47 Fix for JWT assignment 1 log in now works again. 
Reset button only triggers reset when admin is set to true in the token
 2018-05-29 11:20:40 +02:00
Nanne Baars
5f4889cefe Clicking link in first password reset link only switched back and forward 2018-05-29 09:29:50 +02:00
Nanne Baars
55793dd153 New release v8.0.0.M15 v8.0.0.M15 2018-05-27 20:54:50 +02:00
Nanne Baars
1edceb0aa8 Extended and fixed some lessons 2018-05-27 20:37:44 +02:00
Nanne Baars
d2b6725f3b Moved challenge2 to client-side-filtering as final assignment 2018-05-27 12:41:52 +02:00