dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,279 Commits 11 Branches 78 Tags
ba74898441afba4d62ab4b5b202631029ffc88ca
Commit Graph

524 Commits

Author SHA1 Message Date
Benedikt - Desktop
75b1895122 Added a new lessons for sql injections on "Compromising confidentiality with String SQL Injection" 2019-03-26 08:43:38 +01:00
Max Geldner
083eb1b567 improved the description of the new sql injection mitigation assignments 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
d2a2716a9a Added a lesson for the CIA-Triad in the general category explaining the three elements of the triad. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
0529289f6d Added (introduction) extra to the sidebar menu on the left. 
Slightly modified SQL Injections explanation/example.
 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
adc8891160 Reworked SQl-Injections Introdruction Lesson plan 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
2fdde982eb Restructured SQL Injection introduction lesson and created new required lesson-pages. 2019-03-26 08:43:38 +01:00
Max Geldner
2334b3c02d lessons: sql_injection 
added another assignment
 2019-03-26 08:43:38 +01:00
Tobias Melzer
8667a85865 Draft_Version for SQL Injection 2019-03-26 08:43:38 +01:00
Bene-Notebook
78ff54b910 Modified and improved explanations for SQL Injections (basics) 2019-03-26 08:43:38 +01:00
Max Geldner
bca50e8ca5 lesson: sql-injection-mitigation 
added new assignment for jdbc code completion
 2019-03-26 08:43:38 +01:00
Rene Zubcevic
4050e899ff changed unit test to dynamic port to prevent port conflict and build failure 2019-03-26 08:37:47 +01:00
Robin
24bbb636f8 Update HttpBasics_ProxyIntro1.adoc 
Fixed along to alone
 2019-03-26 08:35:55 +01:00
Robin
7291651967 Update IntroductionWebWolf.adoc 
Fixed typos and language to make it clearer
 2019-03-26 08:35:55 +01:00
Robin
528c05a859 Update Landing_page.adoc 
Updated the language to make it easier to understand
 2019-03-26 08:35:55 +01:00
Robin
e625d4008b Update Receiving_mail.adoc 
Clarify text to make it easier to understand
 2019-03-26 08:35:55 +01:00
Robin
53050d7198 Make language more understandable 
Changed wording, to make it more intuitive
 2019-03-26 08:35:55 +01:00
Nanne Baars
a49dd6c348 Updated version in pom.xml 2019-02-09 20:51:14 +01:00
Nanne Baars
c0dd773b90 Merge branch 'develop' into alexanderfry-feature/ssrf 2019-02-09 18:20:43 +01:00
Nanne Baars
bd86dc6ee0 SNAPSHOT version 2019-02-09 18:20:08 +01:00
Nanne Baars
d6dae9ef75 Merge branch 'feature/ssrf' of git://github.com/alexanderfry/WebGoat into alexanderfry-feature/ssrf 2019-02-09 16:42:08 +01:00
Nanne Baars
941ca5e9a1 SQL injection add hints #470 2019-02-09 16:41:46 +01:00
Nanne Baars
6c86929aa6 New release, updating pom.xml 2019-02-08 14:20:23 +01:00
Alex Fry
98f75e34d5 Initial Commit of SSRF Lesson 2019-01-21 18:09:31 -04:00
Nanne Baars
631fedb752 New release, updating pom.xml 2019-01-18 08:45:44 +01:00
Nanne Baars
7b8e3cdb52 Merge branch 'release/v8.0.0.M22' 2019-01-18 08:38:10 +01:00
Nanne Baars
9be4361afc New release, updating pom.xml 2019-01-18 08:37:26 +01:00
Nanne Baars
b0e3a06b50 Password reset lesson 5 not working #512 
Added comment to not use OWASP ZAP
 2019-01-17 16:35:04 +01:00
Shreyas Minocha
9170dcb87f Fix a grammatical error 2019-01-17 14:50:07 +01:00
Nanne Baars
ed490a5ecf Fix for #545 
Introduced new macro to make a clear distinction between /WebWolf with
context root and without.
 2019-01-16 11:07:30 +01:00
Nanne Baars
ec225558b9 Move to latest Spring Boot version and move to Java 11 2018-12-15 13:59:54 +01:00
Bartosz Bogatko
bf45a0a8e5 Fix for XXE docs 2018-12-14 12:43:19 +01:00
malikashish8
6699456ee1 Bug fix in sample code 2018-11-19 08:15:41 +01:00
Josh Cummings
1520c7571f HTML Tampering Mitigation Description Typo 2018-11-19 08:13:17 +01:00
Omniscimus
5921a06747 Fix SQL injection mitigation answer (fixes #505) 
You need to submit the IP of the webgoat-prd server, not just any of the IPs.
 2018-11-19 08:12:17 +01:00
donkrasnov
a2f28460c0 Update password_reset.html 
Without this attribute it is impossible to pass the lesson "password-reset" `Email functionality with WebWolf`.
 2018-11-19 08:08:41 +01:00
Jelle Besseling
f9a4061604 Fix typo 2018-09-12 09:54:44 +02:00
Nanne Baars
580e50f558 Same form post is used and with autocomplete this does not work because all fields will be posted. The endpoint could no long distinguish between the different actions (sending e-mail and checking password) 2018-08-10 13:15:40 +02:00
Nanne Baars
1252e3dc21 Update instructions to use docker-compose only 2018-07-17 20:17:35 +02:00
Nanne Baars
63a50df7a1 Add hint to lesson users no longer have guess the complete ip address 2018-07-06 18:22:29 +02:00
Nanne Baars
2233550fe1 Adding more solutions for SQL order by lesson 2018-06-22 14:12:37 +02:00
Nanne Baars
cb18295f9f Update hint 2018-06-21 07:53:21 +02:00
Nanne Baars
651698d96c Add different solution for XXE attack 2018-06-21 07:17:27 +02:00
Nanne Baars
ac12a009e4 New release v8.0.0.M20 2018-06-20 18:05:59 +02:00
Nanne Baars
9dd93d88d9 New release v8.0.0.M19 2018-06-20 16:40:28 +02:00
Nanne Baars
12123ef13b Merge branch 'release/v8.0.0.M18' 2018-06-20 16:32:31 +02:00
Matthias Grundmann
c7da546249 Improve text for lesson about CSRF login 2018-06-16 17:52:18 +02:00
misfir3
a41ff0083c Merge pull request #479 from misfir3/develop 
Recent updates, including Missing Function AC content & patch for Vuln Components Lesson
 2018-06-13 18:44:09 -06:00
misfir3
701a99cf8f Merge pull request #487 from matthias-g/xssFixes 
Small lesson improvements
 2018-06-13 18:42:14 -06:00
misfir3
844808bfa7 Merge pull request #485 from matthias-g/fixSQLInjection 
Fix sql injection
 2018-06-13 18:41:05 -06:00
Matthias Grundmann
81aac93dfe Usage base64 encoded password as expected by JJWT 2018-06-13 17:58:52 +02:00