dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,213 Commits 11 Branches 78 Tags
Commit Graph

3213 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nanne Baars
fa9b5ae87d Remove option to hide menu with the lessons 2020-11-04 21:33:57 +01:00
Nanne Baars
36cf028334 Remove blinking navigation buttons 2020-11-04 21:33:57 +01:00
Nanne Baars
488a8e934a #843: Add readonly field and update the layout of the assignment 2020-11-04 20:35:05 +01:00
Nanne Baars
753a2db958 #846: add extra test to verify whether the solution is solved for the original user as well 2020-11-04 20:35:05 +01:00
Nanne Baars
37e9359c9e #841: Clarify the lesson based on the comments 
- Output messages more clear
- Replace success to failure (otherwise lesson is marked complete immediately)
- Fix the layout of the lesson (remove whitespace update buttons)
 2020-11-04 20:35:05 +01:00
Nanne Baars
7b8523dcab #839: fix the SQL statement as this one does not express that the orderBy clause input is user input 2020-11-04 20:35:05 +01:00
Nanne Baars
dac011db78 fix failing test (order) 2020-10-21 08:05:53 +02:00
Nanne Baars
41879c4603 Blind XXE lesson blocks including the file in the comment directly 2020-10-20 22:09:49 +02:00
Nanne Baars
641d75e734 Link to the original lesson for the goal 2020-10-20 22:09:49 +02:00
Kelly Marchewa
e4ec90db8a chore: update CIA grammar and content 
- misc. grammatical edits
  - add a few more examples
 2020-10-15 08:39:28 +02:00
René Zubcevic
d5f78351a2
lesson pages updated based on comments for #834 and #836 (#864) 2020-08-23 15:36:01 +02:00
René Zubcevic
ef6993c636 improving lesson due to issue #845 2020-07-09 19:21:42 +02:00
René Zubcevic
2d2dc22e19 first step 2020-07-09 19:21:42 +02:00
René Zubcevic
db9e1c4c4f first step 2020-07-09 19:21:42 +02:00
René Zubcevic
317573c897
Small fixes june 2020 (#857) 
* issue 849

* another integration test for a challenge

* fixing issue 848

* updated link for issue 833

* fix for 847
 2020-07-08 19:26:09 +02:00
Roy Stultiens
ba8444dd85
Update 1proxysetupsteps.adoc (#854) 
thanks for the fix
 2020-07-04 08:00:32 +02:00
Mike Robinson
219aad0bbc
Correcting incorrect information (#835) 
Thanks for the improvement. Hope you liked the lesson.
 2020-06-19 17:00:43 +02:00
René Zubcevic
1cbaade9ab
adjustments for arbitrary user support (openshift guideline) (#830) 
* adjustments for arbitrary user support (openshift guideline)

* do not create up front .webgoat
 2020-06-08 07:30:55 +02:00
Elie De Brauwer
98d17433f1 HTML Tampering mitigation: Typo fixes 2020-05-25 09:09:26 +02:00
Elie De Brauwer
11a7814626 Dinis Cruz Blog 
This was discussed in ticket https://github.com/WebGoat/WebGoat/issues/724 however the Dinis Cruz Blog remains available through a blogspot.com URL which might be more interesting to reference than an web.archive.org link.
 2020-05-25 09:08:55 +02:00
Elie De Brauwer
5311db8564 XSS Quiz: Fix 404 
The original URL was malformed because it contained a closing ) which did not end up in the link. However the corrected link performs a redirect to the link provided in this patch.
 2020-05-25 09:08:09 +02:00
Elie De Brauwer
ae156a4a0f Function AC User: Spelling and grammar fixes. 2020-05-25 09:07:31 +02:00
Elie De Brauwer
9576c6b9da Function AC Lesson 1: Spelling and grammar fixes. 2020-05-25 09:07:31 +02:00
Elie De Brauwer
6c83457231 Function ac intro: Spelling and grammar update 2020-05-25 09:07:31 +02:00
Elie De Brauwer
060851a4a2 IDOR_intro.adoc: Fix 404 
The closing ')' in the URL was not taken up in the link causing a 404 when clicking the URL.
 2020-05-24 09:57:29 +02:00
Elie De Brauwer
671691a5ed XXE_changing_content_type.adoc: Typo fixes 2020-05-24 09:56:43 +02:00
Elie De Brauwer
f326755190 XXE_intro.adoc: Typo fixes 2020-05-24 09:56:43 +02:00
Elie De Brauwer
99edda6029 XXE_plan.adoc: Typo fixes 2020-05-24 09:56:43 +02:00
Elie De Brauwer
717f852680 InsecureLogin_intro.adoc: Typo fix 2020-05-24 09:56:43 +02:00
Elie De Brauwer
c42d6b15c3 SecurePasswordsAssignment: Fix output formatting 
- When solving the solution (entering a correct password) then the 'Score: 4/4' does not start on a new line, instead it is glue to the Estimated cracking time line. As a solution the </br> is added as a suffix on that line (and successive lines).
- Maximum score is 4, not 5 (see also the assignment, and https://github.com/nulab/zxcvbn4j/blob/master/src/main/java/com/nulabinc/zxcvbn/TimeEstimates.java#L23 which is the origin of getScore() )
 2020-05-24 09:56:01 +02:00
Elie De Brauwer
dfa3242aeb Delete unused PasswordReset_password_reset_link.adoc 
Not referenced in webgoat-lessons/password-reset/src/main/resources/html/PasswordReset.html, looks like a placeholder/dead code.
 2020-05-24 09:39:18 +02:00
Elie De Brauwer
23762885fa PasswordReset_host_header.adoc: Typo fixes 2020-05-24 09:39:18 +02:00
Elie De Brauwer
60087e441d PasswordReset_SecurityQuestions.adoc: Typo fix. 2020-05-24 09:39:18 +02:00
Elie De Brauwer
2e8d0dd9b5 PasswordReset_plan.adoc: Spelling fixes 2020-05-24 09:38:25 +02:00
Elie De Brauwer
966d7a7aed JWT_refresh.adoc: Fix spelling issues 2020-05-24 09:37:47 +02:00
Nanne Baars
851fd9ae03 Only push to 1 Docker repo 2020-05-23 17:01:13 +02:00
Nanne Baars
637d393889
Update README.MD 2020-05-23 16:40:54 +02:00
Nanne Baars
2dad97bdcb
Docker command without -d option to show output int console 2020-05-23 16:39:37 +02:00
Nanne Baars
c0ce72a2bd Remove Github pages, too many things to keep in sync. 
Let's keep the focus on the OWASP page and the Github README
 2020-05-23 16:35:32 +02:00
Nanne Baars
90ea59cfca Remove Github pages, too many things to keep in sync. 
Let's keep the focus on the OWASP page and the Github README
 2020-05-23 16:30:42 +02:00
Nanne Baars
c695614fac Fix Docker link 2020-05-23 16:30:42 +02:00
Nanne Baars
304312018b
Update README.MD 2020-05-23 16:22:23 +02:00
Nanne Baars
3a2bfc9c24
Cleanup readme 2020-05-23 16:19:22 +02:00
Nanne Baars
3d0f879c12
Remove dep status 2020-05-23 16:17:16 +02:00
Nanne Baars
a4f7059051 Merge branch 'release/v8.1.0' v8.1.0 2020-05-23 14:19:03 +02:00
Nanne Baars
61720b29ea Fix Travis script 2020-05-23 13:40:28 +02:00
Nanne Baars
75700597e6 Merge branch 'release/v8.1.0' into develop 2020-05-22 15:09:11 +02:00
Nanne Baars
bd16fedb33 Merge branch 'release/v8.1.0' 2020-05-22 15:08:50 +02:00
Nanne Baars
39740e069e New release 2020-05-22 14:10:31 +02:00
Nanne Baars
5739705d8a Process review comments 2020-05-22 10:10:42 +02:00