8e567b0f86
Spoofing an Authentication Cookie lesson
2021-09-23 15:51:17 +02:00
60bd04b9aa
Move to snapshot version
2021-07-29 11:13:16 +03:00
69a370f438
New release, updating pom.xml
2021-05-23 20:11:23 +02:00
abf431fffb
Remove unnecessary plugins in subprojects
2021-04-03 10:58:08 +02:00
cda852f4e8
Run unit tests again for all lessons and rewrite all to JUnit 5
...
Due to the migration to Spring Boot 2.4 the Vintage dependency was no longer included by default, resulting in skipping all unit tests.
2021-03-31 19:31:13 +02:00
ae6d448aa0
Replace ${revision} with real version as Maven
...
The CI pipeline should take care of this.
2021-03-31 19:31:13 +02:00
b8bdb8f432
Updating to the new development version
2021-03-30 14:05:26 +00:00
574039902d
changed version to snapshot version and introduced revision parameter
...
for it
2020-11-27 12:15:19 +01:00
39740e069e
New release
2020-05-22 14:10:31 +02:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
8088465652
Move and remove unneccessary pom dependencies ( #736 )
2019-12-24 16:14:36 +01:00
035c8662d4
Revert "Bump xstream from 1.4.5 to 1.4.6 in /webgoat-lessons"
...
This reverts commit a831d949b2
2019-12-23 17:14:20 +01:00
a831d949b2
Bump xstream from 1.4.5 to 1.4.6 in /webgoat-lessons
...
Bumps xstream from 1.4.5 to 1.4.6.
Signed-off-by: dependabot[bot] <support@github.com >
2019-12-23 17:12:31 +01:00
4c45a1e68c
This lesson is intended to show the dangers of outdated software. However in version 1.4.7 the vulnerability is fixed! In 1.4.5 it is still present, so I suggest this downgrade. It is tested and works as intended, just as 1.4.7 does not.
2019-12-23 17:09:46 +01:00
b5e5dd1d13
Crypto lesson ( #712 )
...
* crypto lesson added
* signing assignment
* integration test added for signing assignment
* added more hints
* corrections after rebase
* added some explanation
* added security defaults assignment
2019-11-23 21:52:14 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
41f252970b
corrected path in pom
2019-07-14 12:38:11 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
0bd14d9178
(wrong branch) updated assignment (OWASP Java Encoder) and hints (still not shown)
2019-03-26 08:43:38 +01:00
5fa11a1b4b
secure password assignment first draft
2019-03-26 08:43:38 +01:00
8bc91ba4ec
finished assignment
2019-03-26 08:43:38 +01:00
91e6f70919
Added lesson (no content yet) for explaining nist password standards.
2019-03-26 08:43:38 +01:00
63502d6328
added jsoup html parser
2019-03-26 08:43:38 +01:00
af565b5035
Added Tutorial for Chrome Developer Tools.
2019-03-26 08:43:38 +01:00
d2a2716a9a
Added a lesson for the CIA-Triad in the general category explaining the three elements of the triad.
2019-03-26 08:43:38 +01:00
c0dd773b90
Merge branch 'develop' into alexanderfry-feature/ssrf
2019-02-09 18:20:43 +01:00
bd86dc6ee0
SNAPSHOT version
2019-02-09 18:20:08 +01:00
d6dae9ef75
Merge branch 'feature/ssrf' of git://github.com/alexanderfry/WebGoat into alexanderfry-feature/ssrf
2019-02-09 16:42:08 +01:00
6c86929aa6
New release, updating pom.xml
2019-02-08 14:20:23 +01:00
98f75e34d5
Initial Commit of SSRF Lesson
2019-01-21 18:09:31 -04:00
631fedb752
New release, updating pom.xml
2019-01-18 08:45:44 +01:00
9be4361afc
New release, updating pom.xml
2019-01-18 08:37:26 +01:00
ec225558b9
Move to latest Spring Boot version and move to Java 11
2018-12-15 13:59:54 +01:00
1252e3dc21
Update instructions to use docker-compose only
2018-07-17 20:17:35 +02:00
ac12a009e4
New release v8.0.0.M20
2018-06-20 18:05:59 +02:00
9dd93d88d9
New release v8.0.0.M19
2018-06-20 16:40:28 +02:00
26aa72e721
New release
2018-05-30 20:54:13 +02:00
c510bd9bf1
New develop version
2018-05-30 20:37:25 +02:00
c7a714a590
Move to next release
2018-05-30 17:05:50 +02:00
ecb7688e08
Update to new version for develop
...
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
2018-05-30 13:17:05 +02:00
55793dd153
New release v8.0.0.M15
2018-05-27 20:54:50 +02:00
eaf68d38c5
Initial commit for password reset lesson
2018-05-25 14:27:45 +02:00
84860e65f6
Insecure Deserialization exercise
2018-05-23 13:58:03 +02:00
f30db3abfc
New version number
2018-04-11 20:45:12 +02:00
c6e86861fe
Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.
2017-12-29 22:12:21 +01:00
f91f77708a
New version
2017-11-02 21:44:30 +01:00
