317573c897
Small fixes june 2020 ( #857 )
...
* issue 849
* another integration test for a challenge
* fixing issue 848
* updated link for issue 833
* fix for 847
2020-07-08 19:26:09 +02:00
39740e069e
New release
2020-05-22 14:10:31 +02:00
1aad57ba55
Fix the syntax differences between HSQL and Postgres
2020-04-27 11:45:41 +02:00
54610868fe
Fix the syntax differences between HSQL and Postgres
2020-04-27 11:45:41 +02:00
d7ae3a4391
fix typo
2020-04-27 10:44:39 +02:00
608728b135
fix asciidoc italic format
2020-04-27 10:44:39 +02:00
88eb4d7b26
ace editor added without all the nonsense around it
2020-04-26 16:45:56 +02:00
6f532683a1
lessonplan character updates so it also works on Windows Cp125
2020-04-20 12:54:18 +02:00
96412da04e
Remove unused imports and parameters
2020-04-19 15:42:50 +02:00
3b7481c2a7
Update method signature
2020-04-19 15:42:50 +02:00
407e19638f
Add two more assignments for SQL injection where only filtering is applied.
2020-04-19 15:42:50 +02:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
4e371b63d0
suppressing some useless log messages and banners in unit tests ( #752 )
...
* suppressing some useless log messages and banners in unit tests
* some more log suppressed
2020-01-25 12:11:45 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
e07a2aff48
Fix mistake the SQL exception should be throws otherwise users cannot see the table name (servers) makes it impossible to
...
solve the assignment. Add explicit test for this to guard against future mistakes
2019-11-11 21:17:51 +01:00
7d48427d4f
Integrate ZAP 2.8.0 (no HUB) as the setup is different also update the filtering as usual ZAP exclusion is again broken
2019-11-11 21:17:51 +01:00
8da4342430
Improve readability of query ( #685 )
...
thanks! and do not forget to clean your .webgoat... local db related files
2019-11-04 13:28:35 +01:00
1a83e2825e
Code style ( #696 )
...
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
25dae3a4a8
Fix merge request
2019-10-30 08:28:14 +01:00
e783c0c1f1
SQL: Cannot use apostrophe/quotes on string literals #662
2019-10-30 08:28:14 +01:00
96d11697d4
SQL Injection lesson 6 minor mistakes in examples #663
2019-10-30 08:28:14 +01:00
a0933d83d5
Reworked all the SQL statements to be uppercase
2019-10-30 08:28:14 +01:00
e0ac4a1083
lessons in correct order and scoreboard visible again ( #680 )
2019-10-10 09:45:43 +02:00
b481ed70e8
Fix typo in SQL Injection(Introduction) ( #675 )
...
Fix typo `date` to `data` which seems more appropriate in context.
2019-10-03 10:01:35 +02:00
dad9c75ee0
Fix tests after updating from develop, changes applied for migrating to Spring Boot 2
2019-09-23 17:35:04 +02:00
35c1305ce9
Merge conflicts resolved
2019-09-23 07:34:27 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
5e6f825e64
WIP
2019-09-13 16:42:13 +02:00
fb2e11fe11
fix for complete progress of sql mitigations and integration test
2019-09-10 13:58:58 +02:00
f7c8a271aa
Fixed small typos
2019-09-09 13:55:24 +02:00
7a4f6e6fd3
Merge branch 'JeffreyWagnerBHN-develop' into develop
2019-09-09 13:54:38 +02:00
aec051a9f1
Fixed minor spelling mistake
2019-09-09 13:41:38 +02:00
75a174ff7b
Fixed description and grammer
2019-09-06 21:12:55 -04:00
924a53c22a
fixed sql adv 5 progress and added prove in integration test
2019-08-22 17:44:34 +02:00
7ad3996f2f
fix 6a6b page
2019-07-22 15:36:31 +02:00
b65644edee
progress fix for SqlInjectionMitigations
2019-07-22 12:16:18 +02:00
7d0a63ac95
small html changes to improve progress
2019-07-20 09:34:27 +02:00
656fa40182
style sheet and advanced sql
2019-07-19 16:49:30 +02:00
99435a1073
increased sql form fields and fixed chrome progress
2019-07-19 12:16:06 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
bcacf94c6f
Added Test for Developer Tools
2019-03-26 08:43:38 +01:00
b190b08258
Added Import of AssignmentsHints to SQL Injection Challenge to fix build error.
2019-03-26 08:43:38 +01:00
256c0d05aa
Implemented some feedback
2019-03-26 08:43:38 +01:00
53c16c8b82
fixed minor spelling mistakes, unified wording
2019-03-26 08:43:38 +01:00
875f0487bd
assignment 4: specifying data type in instructions
2019-03-26 08:43:38 +01:00
5c2d9cd8e9
assignment 5: display query string to user after success, improved regex to allow missing semicolon after query
2019-03-26 08:43:38 +01:00
