dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,370 Commits 11 Branches 78 Tags
Commit Graph

173 Commits

Author SHA1 Message Date
Nanne Baars
39740e069e New release 2020-05-22 14:10:31 +02:00
Nanne Baars
1aad57ba55 Fix the syntax differences between HSQL and Postgres 2020-04-27 11:45:41 +02:00
Nanne Baars
54610868fe Fix the syntax differences between HSQL and Postgres 2020-04-27 11:45:41 +02:00
Satoshi SAKAO
d7ae3a4391 fix typo 2020-04-27 10:44:39 +02:00
Satoshi SAKAO
608728b135 fix asciidoc italic format 2020-04-27 10:44:39 +02:00
René Zubcevic
88eb4d7b26 ace editor added without all the nonsense around it 2020-04-26 16:45:56 +02:00
René Zubcevic
6f532683a1 lessonplan character updates so it also works on Windows Cp125 2020-04-20 12:54:18 +02:00
Nanne Baars
96412da04e Remove unused imports and parameters 2020-04-19 15:42:50 +02:00
Nanne Baars
3b7481c2a7 Update method signature 2020-04-19 15:42:50 +02:00
Nanne Baars
407e19638f Add two more assignments for SQL injection where only filtering is applied. 2020-04-19 15:42:50 +02:00
Nanne Baars
6c25cf8e43 Add path traversal lesson 2020-03-10 08:03:48 +01:00
René Zubcevic
4e371b63d0
suppressing some useless log messages and banners in unit tests (#752) 
* suppressing some useless log messages and banners in unit tests

* some more log suppressed
 2020-01-25 12:11:45 +01:00
Nanne Baars
5dd6b31905 Adjust lesson template (#704) 
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
 2019-11-17 13:39:56 +01:00
Nanne Baars
f40b6ffd31 Moving back to snapshot 2019-11-13 12:27:26 +01:00
Nanne Baars
fe2ac1b8d4 New release, updating pom.xml 2019-11-12 09:22:45 +01:00
Nanne Baars
e07a2aff48 Fix mistake the SQL exception should be throws otherwise users cannot see the table name (servers) makes it impossible to 
solve the assignment. Add explicit test for this to guard against future mistakes
 2019-11-11 21:17:51 +01:00
Nanne Baars
7d48427d4f Integrate ZAP 2.8.0 (no HUB) as the setup is different also update the filtering as usual ZAP exclusion is again broken 2019-11-11 21:17:51 +01:00
Cotonne
8da4342430 Improve readability of query (#685) 
thanks! and do not forget to clean your .webgoat... local db related files
 2019-11-04 13:28:35 +01:00
Nanne Baars
1a83e2825e Code style (#696) 
* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
 2019-11-03 18:11:09 +01:00
Nanne Baars
25dae3a4a8 Fix merge request 2019-10-30 08:28:14 +01:00
Nanne Baars
e783c0c1f1 SQL: Cannot use apostrophe/quotes on string literals #662 2019-10-30 08:28:14 +01:00
Nanne Baars
96d11697d4 SQL Injection lesson 6 minor mistakes in examples #663 2019-10-30 08:28:14 +01:00
Nanne Baars
a0933d83d5 Reworked all the SQL statements to be uppercase 2019-10-30 08:28:14 +01:00
René Zubcevic
e0ac4a1083
lessons in correct order and scoreboard visible again (#680) 2019-10-10 09:45:43 +02:00
Choe Hyeong Jin
b481ed70e8 Fix typo in SQL Injection(Introduction) (#675) 
Fix typo `date` to `data` which seems more appropriate in context.
 2019-10-03 10:01:35 +02:00
Nanne Baars
dad9c75ee0 Fix tests after updating from develop, changes applied for migrating to Spring Boot 2 2019-09-23 17:35:04 +02:00
Nanne Baars
35c1305ce9 Merge conflicts resolved 2019-09-23 07:34:27 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Nanne Baars
5e6f825e64 WIP 2019-09-13 16:42:13 +02:00
René Zubcevic
fb2e11fe11 fix for complete progress of sql mitigations and integration test 2019-09-10 13:58:58 +02:00
Nanne Baars
f7c8a271aa Fixed small typos 2019-09-09 13:55:24 +02:00
Nanne Baars
7a4f6e6fd3 Merge branch 'JeffreyWagnerBHN-develop' into develop 2019-09-09 13:54:38 +02:00
ephemeralwaves
aec051a9f1 Fixed minor spelling mistake 2019-09-09 13:41:38 +02:00
Jeffrey Wagner
75a174ff7b Fixed description and grammer 2019-09-06 21:12:55 -04:00
René Zubcevic
924a53c22a fixed sql adv 5 progress and added prove in integration test 2019-08-22 17:44:34 +02:00
Rene Zubcevic
7ad3996f2f fix 6a6b page 2019-07-22 15:36:31 +02:00
Rene Zubcevic
b65644edee progress fix for SqlInjectionMitigations 2019-07-22 12:16:18 +02:00
René Zubcevic
7d0a63ac95 small html changes to improve progress 2019-07-20 09:34:27 +02:00
Rene Zubcevic
656fa40182 style sheet and advanced sql 2019-07-19 16:49:30 +02:00
Rene Zubcevic
99435a1073 increased sql form fields and fixed chrome progress 2019-07-19 12:16:06 +02:00
Nanne Baars
98537426f2 SNAPSHOT version 2019-05-03 11:15:11 +02:00
Nanne Baars
9b0c4e62c2 New release, updating pom.xml 2019-05-03 09:50:01 +02:00
Tobias-Melzer
bcacf94c6f Added Test for Developer Tools 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
b190b08258 Added Import of AssignmentsHints to SQL Injection Challenge to fix build error. 2019-03-26 08:43:38 +01:00
Tobias-Melzer
256c0d05aa Implemented some feedback 2019-03-26 08:43:38 +01:00
Timur Linden
53c16c8b82 fixed minor spelling mistakes, unified wording 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
875f0487bd assignment 4: specifying data type in instructions 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
5c2d9cd8e9 assignment 5: display query string to user after success, improved regex to allow missing semicolon after query 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
e976dbe10f assignment 4: display query string to user after success 2019-03-26 08:43:38 +01:00