dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,731 Commits 11 Branches 78 Tags
b41751a55c8c3072a8da5a4f78f5697312b13244
Commit Graph

170 Commits

Author SHA1 Message Date
Nanne Baars
9b86aaba05 Adding challenge 2017-03-22 00:09:17 +01:00
hillstonenet-interns-bj
ad3e9439ec [fix] SQLi Lessons 6a-b: lesson passed's boolean 2017-03-03 17:19:33 +01:00
hillstonenet-interns-bj
f5c3610aba [fix] path in HttpProxies html file was wrong 2017-03-02 21:34:31 +01:00
Nanne Baars
f71d02fc6a Merge branch 'develop' into develop 2017-03-02 21:24:09 +01:00
Nanne Baars
2d6235e4f0 Provide Server-side service to support UI localization #265 
- Now also enabled for adoc
 2017-03-02 21:17:21 +01:00
Jason White
153dc57731 Basic solutions cheat file for now 2017-02-17 16:18:57 -05:00
Jason White
3193b591d8 commenting out latter part of XSS for now 2017-02-17 16:18:36 -05:00
Jason White
ac6e8b59b7 XSS updates 2017-02-17 15:59:38 -05:00
Jason White
d99a1d8448 temp. dep. mgmt resolution 2017-02-17 14:53:23 -05:00
Jason White
7f532f0ffc XSS lesson updates 2017-02-17 13:05:54 -05:00
mayhew64
0de569339c Cleanup of vulnerable components 2017-02-08 11:37:11 -05:00
mayhew64
27947cca96 Fixed the SQL Injection to return results upon success 2017-02-08 00:01:44 -05:00
mayhew64
33e807797c Xstream RCE works now 2017-02-07 23:51:05 -05:00
Nanne Baars
65d728dfff Solved issue with POST in vulnerable components lesson 2017-02-07 23:49:26 +01:00
Nanne Baars
8d3b028acc Solved issue with POST in vulnerable components lesson 2017-02-07 23:38:57 +01:00
mayhew64
a00546638a Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-07 16:06:45 -05:00
mayhew64
b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty 2017-02-07 16:05:30 -05:00
Jason White
40844bd823 #319 updated content for proxy 2017-02-07 18:13:27 +01:00
mayhew64
85ef7ee1a4 Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-06 09:19:29 -05:00
Nanne Baars
d25700434e Added tests for assignments 2017-01-31 23:28:59 +01:00
Nanne Baars
ee5a12d205 Provide Server-side service to support UI localization #265 (#322) 
merging
 2017-01-31 11:52:33 -05:00
mayhew64
fbd37b39bd Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-01-28 11:05:16 -05:00
mayhew64
ef3779ec13 Draft Vuln components 2017-01-28 11:05:09 -05:00
mayhew64
a564ff2038 adding in Vulnerable Components lesson 2017-01-28 10:59:44 -05:00
Jason White
2b31a19143 #319 2017-01-27 15:39:31 -05:00
Jason White
264f7e74b6 Minor clean up in assignment endpoint 2017-01-25 14:56:20 -05:00
Jason White
f7ec164601 Adding request intercept assignment 2017-01-25 14:56:20 -05:00
Jason White
ac16342c17 #315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor 2017-01-25 17:46:31 +01:00
Nanne Baars
0779f7a3d0 Hints per lesson (#314) 
Squashing and merging ...

* Each assigment should have the options to have its own set of hints #278

* Updating lessons due to changes from #278

* Enable i18n client side #312

* IDOR move hints to assignment and enable i18n #312
 2017-01-24 09:34:06 -05:00
Nanne Baars
6d727b98e3 Create IDOR lesson #304 
- Fix put mapping
 2017-01-18 20:50:37 +01:00
Jason White
4e9b30d7f6 #304 incremental addition for IDOR, still experiencing 400 with PUT method 2017-01-09 14:02:00 -05:00
Jason White
fe4f568fc0 #304 update to IDOR. Still experiencing 400 on EditOwnProfile endpoint 2017-01-06 13:04:03 -05:00
Jason White
0a41b2813d #304 ... trying to fix prev. commit 2017-01-06 08:06:49 -05:00
Jason White
65eaa934ea Initial/partial commit of IDOR lesson 2017-01-05 17:30:53 -05:00
Nanne Baars
9c03b6f63b #276 Automatic lesson summary page 
- Basic overview of all the assignments needed to be solved in a lesson
 - Clicking on a link will jump to the correct page with the assignment
 - Lesson completed also updates lesson overview immediately
 2016-12-28 10:14:34 +01:00
Jason White
282073ed2d Adding ZAP content for HTTP Basics 2016-12-22 16:37:57 -05:00
Mario Zupan
6fa894938b Issue #275: Activate Syntax Highlighting with Coderay in Asciidoc templates 2016-12-15 17:37:30 +01:00
Nanne Baars
b8b632905d Fixing failing unit test 2016-12-08 22:06:21 +01:00
Nanne Baars
1a854a500e Lesson overview 2016-11-29 20:27:54 +01:00
Jason White
e183c8d8b3 implementing support for dom xss 2016-11-23 17:25:47 -05:00
Nanne Baars
5347311319 XXE last assignment completely working 2016-11-23 17:09:35 +01:00
Nanne Baars
c80bfcbc2f First checkin for CSRF 
(cherry picked from commit a01a767)
 2016-11-23 17:09:35 +01:00
Jason White
4940a12d0d button size fix 2016-11-22 16:25:19 -05:00
mayhew64
32d1009390 Reflected xss working - still have to think how to get the success criteria. Page needs some work though 2016-11-21 23:09:58 -05:00
Bruce Mayhew
edaadecc38 Merge pull request #286 from WebGoat/feature/spring-boot 
First draft at XSS
 2016-11-21 18:37:53 -05:00
Jason White
2647722842 fixing typo 2016-11-21 13:50:21 -05:00
mayhew64
95607089d4 First draft at XSS 2016-11-21 13:39:43 -05:00
Nanne Baars
f2a114419a XXE checkin 2016-11-18 10:39:39 +01:00
Nanne Baars
38e5999472 XXE checkin 2016-11-17 17:36:17 +01:00
Nanne Baars
f698a2d6ae XXE first attempt 2016-11-17 16:27:41 +01:00