dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,453 Commits 11 Branches 78 Tags
Commit Graph

158 Commits

Author SHA1 Message Date
Benedikt - Desktop
14f4b42ba5 Fixed some errors. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
26e3803de0 Added more hints 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
6fe7582dfb Added an assignment for compromising availability to the sql injections (introduction). 
WIP
 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
4e6c721545 Added an assignment for compromising integrity by query chaining to the sql injections (introduction) 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
75b1895122 Added a new lessons for sql injections on "Compromising confidentiality with String SQL Injection" 2019-03-26 08:43:38 +01:00
Max Geldner
083eb1b567 improved the description of the new sql injection mitigation assignments 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
0529289f6d Added (introduction) extra to the sidebar menu on the left. 
Slightly modified SQL Injections explanation/example.
 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
adc8891160 Reworked SQl-Injections Introdruction Lesson plan 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
2fdde982eb Restructured SQL Injection introduction lesson and created new required lesson-pages. 2019-03-26 08:43:38 +01:00
Max Geldner
2334b3c02d lessons: sql_injection 
added another assignment
 2019-03-26 08:43:38 +01:00
Tobias Melzer
8667a85865 Draft_Version for SQL Injection 2019-03-26 08:43:38 +01:00
Bene-Notebook
78ff54b910 Modified and improved explanations for SQL Injections (basics) 2019-03-26 08:43:38 +01:00
Max Geldner
bca50e8ca5 lesson: sql-injection-mitigation 
added new assignment for jdbc code completion
 2019-03-26 08:43:38 +01:00
Nanne Baars
941ca5e9a1 SQL injection add hints #470 2019-02-09 16:41:46 +01:00
Nanne Baars
7b8e3cdb52 Merge branch 'release/v8.0.0.M22' 2019-01-18 08:38:10 +01:00
Shreyas Minocha
9170dcb87f Fix a grammatical error 2019-01-17 14:50:07 +01:00
malikashish8
6699456ee1 Bug fix in sample code 2018-11-19 08:15:41 +01:00
Omniscimus
5921a06747 Fix SQL injection mitigation answer (fixes #505) 
You need to submit the IP of the webgoat-prd server, not just any of the IPs.
 2018-11-19 08:12:17 +01:00
Nanne Baars
63a50df7a1 Add hint to lesson users no longer have guess the complete ip address 2018-07-06 18:22:29 +02:00
Nanne Baars
2233550fe1 Adding more solutions for SQL order by lesson 2018-06-22 14:12:37 +02:00
Matthias Grundmann
b47bb96534
Update changed password in tests 2018-06-13 16:11:28 +02:00
Matthias Grundmann
56fc983414
Update database layout so that proposed solution works 2018-06-12 17:40:28 +02:00
Matthias Grundmann
268adbcf7e
Move assignments to correct package so that hints are shown 2018-06-12 17:40:28 +02:00
MaDuck
9587550bc5 Fixed column name on sql injection lesson 7 2018-05-29 14:42:22 +02:00
MaDuck
9a0995dae5 Fixed column name on sql injection lesson 6 2018-05-29 14:42:02 +02:00
Nanne Baars
eaf68d38c5 Initial commit for password reset lesson 2018-05-25 14:27:45 +02:00
TimDG
0b9a027c19 Fix some minor grammatical issues. 2018-05-11 15:13:30 +02:00
Nanne Baars
e4ca0c4836 Make report working again 2018-04-27 19:26:01 +02:00
nbaars
dec55d52ca Replaced quotes with normal character (Version: 8.0.0.M5 Character Encoding Issues #411) 2018-01-14 13:22:28 +01:00
Nanne Baars
5033c3661a Cleaning up test case logging 2017-10-08 02:07:22 +02:00
Nanne Baars
46c536554c - Added new challenges 
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
 2017-09-12 23:12:10 +02:00
Nanne Baars
b06fb72a74 Fixed typo 2017-07-25 17:41:37 +02:00
Nanne Baars
bf210de013 Added testcase for SQL lesson 6b 2017-06-16 00:33:02 +02:00
Nanne Baars
e808abd504 Added testcase for SQL lesson 6a 2017-06-16 00:23:40 +02:00
Nanne Baars
f1fd214580 Added more testcases for the SQL lesson 12 2017-06-15 23:49:03 +02:00
Nanne Baars
a484467419 Adding extra lesson for order by clauses 2017-06-15 19:08:19 +02:00
Nanne Baars
ee912f734b Added SQL injection from challenge to lesson and added content for a blind sql injection 2017-06-15 19:08:19 +02:00
Nanne Baars
0740c4ba95 Split large SQL lesson 2017-06-15 19:08:19 +02:00
Nanne Baars
129e9deba9 Added testcase for SQL injection lesson 2017-05-21 16:40:52 +02:00
Nanne Baars
259fd19c1b - Introduced user registration 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
 2017-03-22 11:35:14 +01:00
hillstonenet-interns-bj
ad3e9439ec [fix] SQLi Lessons 6a-b: lesson passed's boolean 2017-03-03 17:19:33 +01:00
mayhew64
0de569339c Cleanup of vulnerable components 2017-02-08 11:37:11 -05:00
mayhew64
27947cca96 Fixed the SQL Injection to return results upon success 2017-02-08 00:01:44 -05:00
Nanne Baars
ee5a12d205 Provide Server-side service to support UI localization #265 (#322) 
merging
 2017-01-31 11:52:33 -05:00
Jason White
ac16342c17 #315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor 2017-01-25 17:46:31 +01:00
Nanne Baars
0779f7a3d0 Hints per lesson (#314) 
Squashing and merging ...

* Each assigment should have the options to have its own set of hints #278

* Updating lessons due to changes from #278

* Enable i18n client side #312

* IDOR move hints to assignment and enable i18n #312
 2017-01-24 09:34:06 -05:00
Nanne Baars
9c03b6f63b #276 Automatic lesson summary page 
- Basic overview of all the assignments needed to be solved in a lesson
 - Clicking on a link will jump to the correct page with the assignment
 - Lesson completed also updates lesson overview immediately
 2016-12-28 10:14:34 +01:00
Mario Zupan
6fa894938b Issue #275: Activate Syntax Highlighting with Coderay in Asciidoc templates 2016-12-15 17:37:30 +01:00
Nanne Baars
1a854a500e Lesson overview 2016-11-29 20:27:54 +01:00
mayhew64
95607089d4 First draft at XSS 2016-11-21 13:39:43 -05:00