8e567b0f86
Spoofing an Authentication Cookie lesson
2021-09-23 15:51:17 +02:00
60bd04b9aa
Move to snapshot version
2021-07-29 11:13:16 +03:00
69a370f438
New release, updating pom.xml
2021-05-23 20:11:23 +02:00
ae6d448aa0
Replace ${revision} with real version as Maven
...
The CI pipeline should take care of this.
2021-03-31 19:31:13 +02:00
b8bdb8f432
Updating to the new development version
2021-03-30 14:05:26 +00:00
574039902d
changed version to snapshot version and introduced revision parameter
...
for it
2020-11-27 12:15:19 +01:00
39740e069e
New release
2020-05-22 14:10:31 +02:00
c4153ecbfb
Maven owasp dep update ( #776 )
...
* add pmd and owasp dependency check through -P owasp profile
* suppress full stack trace in log
* revert to spring 2.2.0 as 2.2.4 failed in travis
* added owasp dependency check maven configuration details to vulenerable
lesson page 7
2020-04-06 16:01:09 +02:00
6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
b5e5dd1d13
Crypto lesson ( #712 )
...
* crypto lesson added
* signing assignment
* integration test added for signing assignment
* added more hints
* corrections after rebase
* added some explanation
* added security defaults assignment
2019-11-23 21:52:14 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
361249c666
First attempt at moving to Spring Boot 2
2019-09-12 17:22:03 +02:00
ff530e926e
Use separate project for integration tests so we can start WebGoat and WebWolf
2019-08-25 17:43:14 +02:00
ffbc808e26
Integration test support
2019-07-25 20:17:52 +02:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
91e6f70919
Added lesson (no content yet) for explaining nist password standards.
2019-03-26 08:43:38 +01:00
af565b5035
Added Tutorial for Chrome Developer Tools.
2019-03-26 08:43:38 +01:00
d2a2716a9a
Added a lesson for the CIA-Triad in the general category explaining the three elements of the triad.
2019-03-26 08:43:38 +01:00
a49dd6c348
Updated version in pom.xml
2019-02-09 20:51:14 +01:00
bd86dc6ee0
SNAPSHOT version
2019-02-09 18:20:08 +01:00
6c86929aa6
New release, updating pom.xml
2019-02-08 14:20:23 +01:00
631fedb752
New release, updating pom.xml
2019-01-18 08:45:44 +01:00
9be4361afc
New release, updating pom.xml
2019-01-18 08:37:26 +01:00
ec225558b9
Move to latest Spring Boot version and move to Java 11
2018-12-15 13:59:54 +01:00
1252e3dc21
Update instructions to use docker-compose only
2018-07-17 20:17:35 +02:00
ac12a009e4
New release v8.0.0.M20
2018-06-20 18:05:59 +02:00
9dd93d88d9
New release v8.0.0.M19
2018-06-20 16:40:28 +02:00
26aa72e721
New release
2018-05-30 20:54:13 +02:00
c510bd9bf1
New develop version
2018-05-30 20:37:25 +02:00
c7a714a590
Move to next release
2018-05-30 17:05:50 +02:00
ecb7688e08
Update to new version for develop
...
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
2018-05-30 13:17:05 +02:00
55793dd153
New release v8.0.0.M15
2018-05-27 20:54:50 +02:00
eaf68d38c5
Initial commit for password reset lesson
2018-05-25 14:27:45 +02:00
84860e65f6
Insecure Deserialization exercise
2018-05-23 13:58:03 +02:00
0e160c19f5
Docker-compose for postgres and hsqldb
2018-05-01 21:58:43 +02:00
f30db3abfc
New version number
2018-04-11 20:45:12 +02:00
c6e86861fe
Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.
2017-12-29 22:12:21 +01:00
f91f77708a
New version
2017-11-02 21:44:30 +01:00
fc1353b2f1
Pom cleanup
2017-11-02 16:14:44 +01:00
a11d3d0b1b
- Made movie little bit shorter because webgoat-server.jar was over 200Mb
...
- Movie was copy and pasted to csrf and auth lesson removed it from those lessons
- Made jars which are not necessary in the webgoat-server.jar optional
2017-11-02 15:39:49 +01:00
87a7521dcd
Adding introduction to WebGoat as the web interface opens with WebWolf which is confusing because people thought you needed to download WebWolf and start it directly. Feedback received during workshops
2017-11-02 14:28:20 +01:00
1ecb43092d
Bumped version number
2017-10-18 19:58:14 +02:00
8250b4048f
Updating version number
2017-10-18 19:43:33 +02:00
3ee1a1ca16
Travis now builds Docker and create a Github release.
...
Removed ActiveMQ between WebGoat and WebWolf they now act as standalone applications
2017-10-18 10:54:16 +02:00
d0ec84e9a6
Merge remote-tracking branch 'upstream/develop' into develop
2017-10-11 20:29:47 -06:00
b156d81535
Initial cut on CSRF. More to come
2017-10-11 20:06:57 -06:00
