|
|
82ad0a7cc7
|
Finally working
|
2019-09-18 17:53:43 +02:00 |
|
|
|
4777dab57a
|
review comments processed
|
2019-09-18 17:46:32 +02:00 |
|
|
|
ec236a4ff5
|
First steps in XXE integration tests
|
2019-09-18 14:48:34 +02:00 |
|
|
|
dceb375d5e
|
WIP
|
2019-09-13 18:57:40 +02:00 |
|
|
|
361249c666
|
First attempt at moving to Spring Boot 2
|
2019-09-12 17:22:03 +02:00 |
|
|
|
2283f945a9
|
Fix failing configuration
|
2019-08-25 17:53:36 +02:00 |
|
|
|
ff530e926e
|
Use separate project for integration tests so we can start WebGoat and WebWolf
|
2019-08-25 17:43:14 +02:00 |
|
|
|
f0d1555a09
|
Fixed #45 - multiple tracker for one user fixed
|
2019-08-21 23:38:27 +02:00 |
|
|
|
e61c943f97
|
#601 bug: username is case sensitive, but email in general is not
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
|
2019-07-28 20:48:20 +02:00 |
|
|
|
ae674b9297
|
Merge pull request #620 from zubcevic/july2019-bugfixes
increased sql form fields and fixed chrome progress
|
2019-07-25 08:39:34 +02:00 |
|
|
|
216b29fca2
|
Clean up in pom files
|
2019-07-24 20:37:32 +02:00 |
|
|
|
ea38973068
|
UTF-8 config added for ThymeLeaf
|
2019-07-22 08:21:34 +02:00 |
|
|
|
f9e78739f3
|
reverted mandatory file encoding which will make it worse on windows
|
2019-07-20 09:13:21 +02:00 |
|
|
|
656fa40182
|
style sheet and advanced sql
|
2019-07-19 16:49:30 +02:00 |
|
|
|
63a1097466
|
owasp categories
|
2019-07-14 12:38:11 +02:00 |
|
|
|
12de48ebbb
|
additional environment entries to support https on webgoat
|
2019-07-14 12:18:07 +02:00 |
|
|
|
e57c9d05b6
|
added checkbox and corrected fall back for the other labels
|
2019-04-21 14:10:01 +02:00 |
|
|
|
27a61f0f70
|
Reworked and styled quiz
|
2019-03-26 08:43:38 +01:00 |
|
|
|
0915bf3d7f
|
Changed checkboxes to radio buttons, since it is single choice.
Moved css to seperate css file.
Made questions clickable not just the checkbox.
Reworked java code.
Work in Progress...
|
2019-03-26 08:43:38 +01:00 |
|
|
|
8b61811278
|
Added doc to quiz js
|
2019-03-26 08:43:38 +01:00 |
|
|
|
b02a01d35e
|
squash
|
2019-03-26 08:43:38 +01:00 |
|
|
|
6d974b5fa8
|
Fixed lesson sorting issue
|
2019-03-26 08:43:38 +01:00 |
|
|
|
4cdd649a5a
|
Added html mode for code editor
|
2019-03-26 08:43:38 +01:00 |
|
|
|
3a7601d348
|
Moved js files to global directory, added id system to question json
|
2019-03-26 08:43:38 +01:00 |
|
|
|
1bcddaf710
|
Reworked and polished assignment 8 and 9 (C and I)
|
2019-03-26 08:43:38 +01:00 |
|
|
|
6fe7582dfb
|
Added an assignment for compromising availability to the sql injections (introduction).
WIP
|
2019-03-26 08:43:38 +01:00 |
|
|
|
75b1895122
|
Added a new lessons for sql injections on "Compromising confidentiality with String SQL Injection"
|
2019-03-26 08:43:38 +01:00 |
|
|
|
6e36cc1ea4
|
removed unnecessary interceptors
|
2019-03-26 08:37:47 +01:00 |
|
|
|
1c2648e0a9
|
disable the fallback to the system locale to fix unit test and establish the desired behaviour
|
2019-03-26 08:37:47 +01:00 |
|
|
|
ed490a5ecf
|
Fix for #545
Introduced new macro to make a clear distinction between /WebWolf with
context root and without.
|
2019-01-16 11:07:30 +01:00 |
|
|
|
a41ff0083c
|
Merge pull request #479 from misfir3/develop
Recent updates, including Missing Function AC content & patch for Vuln Components Lesson
|
2018-06-13 18:44:09 -06:00 |
|
|
|
844808bfa7
|
Merge pull request #485 from matthias-g/fixSQLInjection
Fix sql injection
|
2018-06-13 18:41:05 -06:00 |
|
|
|
1d2575a211
|
Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476
|
2018-06-13 11:38:33 +02:00 |
|
|
|
56fc983414
|
Update database layout so that proposed solution works
|
2018-06-12 17:40:28 +02:00 |
|
|
|
bae3e75ae2
|
Fix minor issues in hint view
|
2018-06-12 11:02:16 +02:00 |
|
|
|
89f6a73275
|
Fix next page button when url doesn't end with page number
|
2018-06-07 19:07:58 +02:00 |
|
|
|
1734170e9e
|
updates to missing function ac lesson
|
2018-06-04 16:53:13 -06:00 |
|
|
|
ecb7688e08
|
Update to new version for develop
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
|
2018-05-30 13:17:05 +02:00 |
|
|
|
fc2c99bcb4
|
Limit the username to letters and digits only
|
2018-05-29 16:16:52 +02:00 |
|
|
|
f8a7a61e85
|
New lesson working
|
2018-05-26 15:09:18 +02:00 |
|
|
|
dda6f674a3
|
Last assignment for JWT tokens finished
|
2018-05-23 14:28:19 +02:00 |
|
|
|
60ef35e241
|
Working lesson
|
2018-05-23 14:28:19 +02:00 |
|
|
|
9d7886d572
|
More JWT work
|
2018-05-23 14:28:19 +02:00 |
|
|
|
ea9c1a453d
|
Initial version for JWT
|
2018-05-23 14:28:19 +02:00 |
|
|
|
84860e65f6
|
Insecure Deserialization exercise
|
2018-05-23 13:58:03 +02:00 |
|
|
|
a73bf58d36
|
more hintview patching
|
2018-05-23 13:35:51 +02:00 |
|
|
|
0ff6000511
|
wiring jqueryui to vuln jquery #368
|
2018-05-23 13:35:51 +02:00 |
|
|
|
91d9db5f80
|
work-arounds, fixes for page initialization and some clean-up
|
2018-05-23 13:35:51 +02:00 |
|
|
|
6a5ca43e7e
|
Strip out slash-escaped JSON sequence received in client.
The server will slash-escape some JSON related characters before sending. Need to strip them out before using, on the client side.
|
2018-05-02 22:21:22 +02:00 |
|
|
|
9aa674e326
|
stringfy object so it's visible in the console
|
2018-05-02 22:04:25 +02:00 |
|
