|
|
dceb375d5e
|
WIP
|
2019-09-13 18:57:40 +02:00 |
|
|
|
361249c666
|
First attempt at moving to Spring Boot 2
|
2019-09-12 17:22:03 +02:00 |
|
|
|
2283f945a9
|
Fix failing configuration
|
2019-08-25 17:53:36 +02:00 |
|
|
|
ff530e926e
|
Use separate project for integration tests so we can start WebGoat and WebWolf
|
2019-08-25 17:43:14 +02:00 |
|
|
|
f0d1555a09
|
Fixed #45 - multiple tracker for one user fixed
|
2019-08-21 23:38:27 +02:00 |
|
|
|
e61c943f97
|
#601 bug: username is case sensitive, but email in general is not
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
|
2019-07-28 20:48:20 +02:00 |
|
|
|
ae674b9297
|
Merge pull request #620 from zubcevic/july2019-bugfixes
increased sql form fields and fixed chrome progress
|
2019-07-25 08:39:34 +02:00 |
|
|
|
216b29fca2
|
Clean up in pom files
|
2019-07-24 20:37:32 +02:00 |
|
|
|
ea38973068
|
UTF-8 config added for ThymeLeaf
|
2019-07-22 08:21:34 +02:00 |
|
|
|
63a1097466
|
owasp categories
|
2019-07-14 12:38:11 +02:00 |
|
|
|
e57c9d05b6
|
added checkbox and corrected fall back for the other labels
|
2019-04-21 14:10:01 +02:00 |
|
|
|
b02a01d35e
|
squash
|
2019-03-26 08:43:38 +01:00 |
|
|
|
6d974b5fa8
|
Fixed lesson sorting issue
|
2019-03-26 08:43:38 +01:00 |
|
|
|
1bcddaf710
|
Reworked and polished assignment 8 and 9 (C and I)
|
2019-03-26 08:43:38 +01:00 |
|
|
|
6fe7582dfb
|
Added an assignment for compromising availability to the sql injections (introduction).
WIP
|
2019-03-26 08:43:38 +01:00 |
|
|
|
75b1895122
|
Added a new lessons for sql injections on "Compromising confidentiality with String SQL Injection"
|
2019-03-26 08:43:38 +01:00 |
|
|
|
6e36cc1ea4
|
removed unnecessary interceptors
|
2019-03-26 08:37:47 +01:00 |
|
|
|
1c2648e0a9
|
disable the fallback to the system locale to fix unit test and establish the desired behaviour
|
2019-03-26 08:37:47 +01:00 |
|
|
|
ed490a5ecf
|
Fix for #545
Introduced new macro to make a clear distinction between /WebWolf with
context root and without.
|
2019-01-16 11:07:30 +01:00 |
|
|
|
844808bfa7
|
Merge pull request #485 from matthias-g/fixSQLInjection
Fix sql injection
|
2018-06-13 18:41:05 -06:00 |
|
|
|
1d2575a211
|
Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476
|
2018-06-13 11:38:33 +02:00 |
|
|
|
56fc983414
|
Update database layout so that proposed solution works
|
2018-06-12 17:40:28 +02:00 |
|
|
|
fc2c99bcb4
|
Limit the username to letters and digits only
|
2018-05-29 16:16:52 +02:00 |
|
|
|
60ef35e241
|
Working lesson
|
2018-05-23 14:28:19 +02:00 |
|
|
|
9d7886d572
|
More JWT work
|
2018-05-23 14:28:19 +02:00 |
|
|
|
ea9c1a453d
|
Initial version for JWT
|
2018-05-23 14:28:19 +02:00 |
|
|
|
84860e65f6
|
Insecure Deserialization exercise
|
2018-05-23 13:58:03 +02:00 |
|
|
|
8050a2b56d
|
XXE lesson not showing correct link for WebWolf
|
2018-05-01 21:54:28 +02:00 |
|
|
|
e4ca0c4836
|
Make report working again
|
2018-04-27 19:26:01 +02:00 |
|
|
|
e422da4c64
|
Polling for lesson updates (updates the menu and page navigation)
|
2018-04-27 18:50:13 +02:00 |
|
|
|
245ba2c3d1
|
Fix XXE lesson, the exact .webgoat directory including version number will be put in the lesson.
|
2018-04-24 20:44:05 +02:00 |
|
|
|
672d78eebc
|
Resource bundle in UTF-8
|
2018-04-23 16:12:50 +02:00 |
|
|
|
b99b554522
|
Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432
|
2018-01-29 15:29:48 +01:00 |
|
|
|
ee11381a63
|
Fixed database issue mappings
|
2018-01-21 17:13:28 +01:00 |
|
|
|
2cc6c232e2
|
Added macro for asciidoc to produce the WebWolf link dynamically depending on configuration
|
2018-01-15 20:56:59 +01:00 |
|
|
|
a6b9235711
|
SQL Error '-104' in XSS Lesson Page 7 #416
|
2018-01-10 12:48:45 +01:00 |
|
|
|
c6e86861fe
|
Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.
|
2017-12-29 22:12:21 +01:00 |
|
|
|
dd7f4074cd
|
Added encoding for asciidoc
|
2017-12-28 00:16:16 +01:00 |
|
|
|
43b82027f5
|
Added more content for CSRF lesson
|
2017-11-22 01:34:05 +01:00 |
|
|
|
5eed385d5d
|
When an adoc file cannot be found the complete lesson crashed, made it failsafe with a logging statement.
|
2017-11-17 07:08:24 +01:00 |
|
|
|
fc1353b2f1
|
Pom cleanup
|
2017-11-02 16:14:44 +01:00 |
|
|
|
3ee1a1ca16
|
Travis now builds Docker and create a Github release.
Removed ActiveMQ between WebGoat and WebWolf they now act as standalone applications
|
2017-10-18 10:54:16 +02:00 |
|
|
|
d0ec84e9a6
|
Merge remote-tracking branch 'upstream/develop' into develop
|
2017-10-11 20:29:47 -06:00 |
|
|
|
b156d81535
|
Initial cut on CSRF. More to come
|
2017-10-11 20:06:57 -06:00 |
|
|
|
46c536554c
|
- Added new challenges
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
|
2017-09-12 23:12:10 +02:00 |
|
|
|
b41751a55c
|
missing function level ac working again ... after VM implosion
|
2017-08-08 17:15:20 -06:00 |
|
|
|
8df1d53471
|
interim missing function ac commit, traversing dev. env.
|
2017-08-08 09:28:09 -06:00 |
|
|
|
c44186f986
|
start of missing function ac lesson
|
2017-07-24 16:26:23 -04:00 |
|
|
|
dce962bdeb
|
Updating Category ordering, closer to T10
|
2017-07-19 15:54:50 -04:00 |
|
|
|
ccb4e3813b
|
#353 - lesson template/guide
|
2017-06-23 14:46:09 -04:00 |
|
