|
|
a2f28460c0
|
Update password_reset.html
Without this attribute it is impossible to pass the lesson "password-reset" `Email functionality with WebWolf`.
|
2018-11-19 08:08:41 +01:00 |
|
|
|
f9a4061604
|
Fix typo
|
2018-09-12 09:54:44 +02:00 |
|
|
|
580e50f558
|
Same form post is used and with autocomplete this does not work because all fields will be posted. The endpoint could no long distinguish between the different actions (sending e-mail and checking password)
|
2018-08-10 13:15:40 +02:00 |
|
|
|
1252e3dc21
|
Update instructions to use docker-compose only
|
2018-07-17 20:17:35 +02:00 |
|
|
|
63a50df7a1
|
Add hint to lesson users no longer have guess the complete ip address
|
2018-07-06 18:22:29 +02:00 |
|
|
|
2233550fe1
|
Adding more solutions for SQL order by lesson
|
2018-06-22 14:12:37 +02:00 |
|
|
|
cb18295f9f
|
Update hint
|
2018-06-21 07:53:21 +02:00 |
|
|
|
651698d96c
|
Add different solution for XXE attack
|
2018-06-21 07:17:27 +02:00 |
|
|
|
ac12a009e4
|
New release v8.0.0.M20
|
2018-06-20 18:05:59 +02:00 |
|
|
|
9dd93d88d9
|
New release v8.0.0.M19
|
2018-06-20 16:40:28 +02:00 |
|
|
|
12123ef13b
|
Merge branch 'release/v8.0.0.M18'
|
2018-06-20 16:32:31 +02:00 |
|
|
|
c7da546249
|
Improve text for lesson about CSRF login
|
2018-06-16 17:52:18 +02:00 |
|
|
|
a41ff0083c
|
Merge pull request #479 from misfir3/develop
Recent updates, including Missing Function AC content & patch for Vuln Components Lesson
|
2018-06-13 18:44:09 -06:00 |
|
|
|
701a99cf8f
|
Merge pull request #487 from matthias-g/xssFixes
Small lesson improvements
|
2018-06-13 18:42:14 -06:00 |
|
|
|
844808bfa7
|
Merge pull request #485 from matthias-g/fixSQLInjection
Fix sql injection
|
2018-06-13 18:41:05 -06:00 |
|
|
|
81aac93dfe
|
Usage base64 encoded password as expected by JJWT
|
2018-06-13 17:58:52 +02:00 |
|
|
|
e5ec2c1ee0
|
Fix html attribute
|
2018-06-13 17:56:57 +02:00 |
|
|
|
b0fbeaff2c
|
This improves the text of the lesson about XSS
|
2018-06-13 17:56:23 +02:00 |
|
|
|
b47bb96534
|
Update changed password in tests
|
2018-06-13 16:11:28 +02:00 |
|
|
|
3b9b695ef1
|
Check host header instead of origin which might not be present #475
|
2018-06-13 11:38:33 +02:00 |
|
|
|
56fc983414
|
Update database layout so that proposed solution works
|
2018-06-12 17:40:28 +02:00 |
|
|
|
268adbcf7e
|
Move assignments to correct package so that hints are shown
|
2018-06-12 17:40:28 +02:00 |
|
|
|
f383454440
|
Fix spelling in JWT lesson
|
2018-06-12 11:02:51 +02:00 |
|
|
|
a7b82985d4
|
Fix usage of JJWT API which expects base64 encoded strings as key
|
2018-06-12 11:01:23 +02:00 |
|
|
|
3d282e163c
|
Show newest comments first
This prevents new comments from not being displayed after a comment containing invalid html has been posted.
|
2018-06-12 10:54:13 +02:00 |
|
|
|
7068c84c6a
|
Fix parameter in url and some spelling
|
2018-06-12 10:54:13 +02:00 |
|
|
|
1734170e9e
|
updates to missing function ac lesson
|
2018-06-04 16:53:13 -06:00 |
|
|
|
26aa72e721
|
New release
|
2018-05-30 20:54:13 +02:00 |
|
|
|
c510bd9bf1
|
New develop version
|
2018-05-30 20:37:25 +02:00 |
|
|
|
c7a714a590
|
Move to next release
|
2018-05-30 17:05:50 +02:00 |
|
|
|
93620f148b
|
Remove challenges which are also incorporated in the lessons themselves
|
2018-05-30 16:46:50 +02:00 |
|
|
|
ecb7688e08
|
Update to new version for develop
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
|
2018-05-30 13:17:05 +02:00 |
|
|
|
4691bc5fd5
|
Extended proxy lesson with Edit and Resend and explained how to exclude WebGoat internal calls from proxying
|
2018-05-29 21:30:13 +02:00 |
|
|
|
9587550bc5
|
Fixed column name on sql injection lesson 7
|
2018-05-29 14:42:22 +02:00 |
|
|
|
9a0995dae5
|
Fixed column name on sql injection lesson 6
|
2018-05-29 14:42:02 +02:00 |
|
|
|
4e07e0ebfa
|
Fix links to open new browser tab
|
2018-05-29 14:04:33 +02:00 |
|
|
|
6e95fdfe56
|
Adjusted documentation
|
2018-05-29 13:33:52 +02:00 |
|
|
|
e045bc692d
|
Buying page also calculates the prices
Product image added
|
2018-05-29 12:47:27 +02:00 |
|
|
|
589872ad47
|
Fix for JWT assignment 1 log in now works again.
Reset button only triggers reset when admin is set to true in the token
|
2018-05-29 11:20:40 +02:00 |
|
|
|
5f4889cefe
|
Clicking link in first password reset link only switched back and forward
|
2018-05-29 09:29:50 +02:00 |
|
|
|
55793dd153
|
New release v8.0.0.M15
|
2018-05-27 20:54:50 +02:00 |
|
|
|
1edceb0aa8
|
Extended and fixed some lessons
|
2018-05-27 20:37:44 +02:00 |
|
|
|
d2b6725f3b
|
Moved challenge2 to client-side-filtering as final assignment
|
2018-05-27 12:41:52 +02:00 |
|
|
|
6e003bc088
|
Working last password assignment
|
2018-05-26 18:48:48 +02:00 |
|
|
|
f8a7a61e85
|
New lesson working
|
2018-05-26 15:09:18 +02:00 |
|
|
|
eaf68d38c5
|
Initial commit for password reset lesson
|
2018-05-25 14:27:45 +02:00 |
|
|
|
8d7ecb19d7
|
Added testcases for all JWT endpoints
|
2018-05-23 14:28:19 +02:00 |
|
|
|
e0cf5b4a84
|
Removed under construction from JWT lesson
|
2018-05-23 14:28:19 +02:00 |
|
|
|
5b524d3a94
|
Added more unit tests
|
2018-05-23 14:28:19 +02:00 |
|
|
|
dda6f674a3
|
Last assignment for JWT tokens finished
|
2018-05-23 14:28:19 +02:00 |
|
