dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 8450c5a5be
         skip validation for JWT (#1663) René Zubcevic 2023-11-15 18:30:14 +01:00
  • ba75e10efd
         fixed issue in JWT test tool and added robot test (#1658) René Zubcevic 2023-11-14 18:14:48 +01:00
  • d1e44bbc98
         Password reset link test condition more strict and move all WebWolf links to /WebWolf (#1645) René Zubcevic 2023-11-14 10:01:59 +01:00
  • 5a4974f3c2
         chore: bump org.apache.maven.plugins:maven-checkstyle-plugin (#1640) dependabot[bot] 2023-11-02 08:13:39 +01:00
  • 4fc1d1fb22
         chore: bump org.apache.maven.plugins:maven-surefire-plugin (#1641) dependabot[bot] 2023-11-02 07:26:26 +01:00
  • 084a105c69
         Java 21 initial support (#1622) René Zubcevic 2023-10-23 20:21:00 +02:00
  • 7485cb8b9a
         chore: bump org.webjars:bootstrap from 3.3.7 to 5.3.2 (#1624) dependabot[bot] 2023-10-23 20:09:48 +02:00
  • c312ae989f
         chore: bump docker/setup-buildx-action from 2 to 3 (#1628) dependabot[bot] 2023-10-23 17:12:25 +02:00
  • 5fde7fbf29
         chore: bump docker/login-action from 2.2.0 to 3.0.0 (#1630) dependabot[bot] 2023-10-23 17:03:54 +02:00
  • a32c56bfc7
         chore: bump actions/first-interaction from 1.1.1 to 1.2.0 (#1629) dependabot[bot] 2023-10-23 16:57:16 +02:00
  • 6fd3eb57eb
         chore: bump com.google.guava:guava from 32.1.1-jre to 32.1.3-jre (#1627) dependabot[bot] 2023-10-23 16:49:02 +02:00
  • 1743d017ff
         chore: bump commons-io:commons-io from 2.13.0 to 2.14.0 (#1626) dependabot[bot] 2023-10-23 16:25:45 +02:00
  • 2b2638943b
         chore: bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 (#1625) dependabot[bot] 2023-10-23 16:18:27 +02:00
  • 45c26d8aaf
         Fix servers id (#1619) François Capon 2023-10-22 15:25:52 +02:00
  • be30551850 fix: potential NPE in the stored XSS assignment Àngel Ollé Blázquez 2023-08-27 14:23:34 +02:00
  • 49862f6b90 fix: fixes the default change in trailing slash matching and address the affected assignments Àngel Ollé Blázquez 2023-08-27 14:02:50 +02:00
  • 4009785bb8 fix: crypto basics broken links Àngel Ollé Blázquez 2023-08-27 13:08:50 +02:00
  • d8341c86a1 bug: fix hint that was breaking the template, causing hints from different assignments to mix (#1424) Àngel Ollé Blázquez 2023-08-27 01:44:28 +02:00
  • 055578893d feat: improve MFAC lesson hint texts for a better user experience (#1424) Àngel Ollé Blázquez 2023-08-27 01:43:47 +02:00
  • b89ebd70ad chore: bump webdrivermanager from 5.3.2 to 5.3.3 dependabot[bot] 2023-06-13 08:02:35 +00:00
  • 7b81247dd1 fix: HijackSession lesson template deprecated Tymeleaf attribute Àngel Ollé Blázquez 2023-08-26 02:41:49 +02:00
  • 3bc2e57c9c Fix NPE in IDOR lesson Àngel Ollé Blázquez 2023-08-26 02:12:41 +02:00
  • c3ec168d59 Add new assignment IT tests Àngel Ollé Blázquez 2023-08-26 01:23:07 +02:00
  • a67fbf5a5a fix: XSS mitigation Àngel Ollé Blázquez 2023-08-25 23:24:20 +02:00
  • 3365c8d447 Remove wrong files Àngel Ollé Blázquez 2023-08-25 22:42:35 +02:00
  • 368c046779 fix: Stored Cross-Site Scripting Lesson Àngel Ollé Blázquez 2023-08-25 20:37:56 +02:00
  • 8749137d1e chore: bump org.webjars:jquery from 3.6.4 to 3.7.0 dependabot[bot] 2023-08-24 14:44:07 +00:00
  • 786cabd251 Make webjar dependencies version agnostic Àngel Ollé Blázquez 2023-08-24 16:34:09 +02:00
  • dda8b10f55 chore: bump org.jruby:jruby from 9.4.2.0 to 9.4.3.0 dependabot[bot] 2023-08-18 14:15:55 +00:00
  • d6ca083529 chore: bump commons-io:commons-io from 2.11.0 to 2.13.0 dependabot[bot] 2023-08-08 15:19:04 +00:00
  • 7c92d625dd doc: fix version strings test2user-aqil 2023-08-15 21:56:52 +04:00
  • 46f0411678
         WIP gh-1165 Nanne Baars 2023-08-13 12:02:14 +02:00
  • 4ba818533c fix: WebWolf JWT jquery webjar Àngel Ollé Blázquez 2023-08-09 00:51:05 +02:00
  • a9b1fd66b8
         feat: implement JWT jku example (#1552) Nanne Baars 2023-08-08 17:18:22 +02:00
  • 8f6e47e6d4
         chore: bump com.nulab-inc:zxcvbn from 1.7.0 to 1.8.0 (#1542) dependabot[bot] 2023-08-04 16:34:49 +02:00
  • 61de52840f
         chore: bump com.diffplug.spotless:spotless-maven-plugin from 2.33.0 to 2.38.0 (#1535) dependabot[bot] 2023-07-30 15:10:31 +02:00
  • fd3eb2451c
         chore: bump guava from 31.1-jre to 32.1.1-jre (#1530) dependabot[bot] 2023-07-29 12:35:06 +02:00
  • 32fa1ec0a6
         chore: bump jquery from 3.5.1 to 3.6.4 (#1529) dependabot[bot] 2023-07-27 13:04:46 +02:00
  • ad00119b0d Add Assignment7 Tests Àngel Ollé Blázquez 2023-07-18 00:12:44 +02:00
  • 25f49537e7 bug: Fix IDOR lesson Àngel Ollé Blázquez 2023-07-16 17:04:49 +02:00
  • 8cb735e623 chore: bump joonvena/robotframework-reporter-action from 2.1 to 2.2 dependabot[bot] 2023-06-18 18:14:31 +00:00
  • 155a40aab4 chore: bump docker/build-push-action from 4.1.0 to 4.1.1 dependabot[bot] 2023-06-19 09:56:50 +00:00
  • 6c4ddbbaad chore: bump maven-surefire-plugin from 3.1.0 to 3.1.2 dependabot[bot] 2023-06-13 08:01:53 +00:00
  • d704f69879
         chore: bump commons-compress from 1.22 to 1.23.0 (#1514) dependabot[bot] 2023-07-15 09:28:40 +02:00
  • bd5fe360c7
         fix: WIP gh-1329 Nanne Baars 2023-06-19 17:42:20 +02:00
  • 3b2b613aa5
         chore: bump asciidoctorj from 2.5.3 to 2.5.10 (#1498) dependabot[bot] 2023-06-18 20:21:53 +02:00
  • 934ba3e496
         fix: remove steps from release script (#1509) Nanne Baars 2023-06-18 20:13:38 +02:00
  • 8ec718c1ef format Àngel Ollé Blázquez 2023-06-15 19:08:10 +02:00
  • 1df7ca61a3 Text content improvement Àngel Ollé Blázquez 2023-06-15 18:52:05 +02:00
  • 75398feca0 Add hints Àngel Ollé Blázquez 2023-06-15 18:41:45 +02:00
  • 76a2365abf
         chore: bump docker/setup-qemu-action from 2.1.0 to 2.2.0 (#1503) dependabot[bot] 2023-06-14 10:31:00 +02:00
  • 015216df5f
         chore: bump docker/login-action from 2.1.0 to 2.2.0 (#1502) dependabot[bot] 2023-06-13 17:06:35 +02:00
  • 60fc807d36
         chore: bump docker/build-push-action from 4.0.0 to 4.1.0 (#1501) dependabot[bot] 2023-06-13 10:50:53 +02:00
  • 636a2bdaf5
         fix: robotframework fails due to updated dependencies (#1508) Nanne Baars 2023-06-13 10:00:50 +02:00
  • 816a694c84
         chore: bump maven-surefire-plugin from 3.0.0-M9 to 3.1.0 (#1499) dependabot[bot] 2023-06-07 21:31:54 +02:00
  • 06a55ab278
         chore: bump maven-checkstyle-plugin from 3.2.1 to 3.3.0 (#1496) dependabot[bot] 2023-06-07 09:41:13 +02:00
  • 0136c1070f
         chore: bump spring-boot-starter-parent from 3.0.5 to 3.1.0 (#1497) dependabot[bot] 2023-06-06 16:21:11 +02:00
  • dce5eeb797 bug: fix Java image inside Docker file The image now downloads the correct Java version based on the architecture. Nanne Baars 2023-06-04 14:56:46 +02:00
  • ca886b4818
         feat: upgrade to Spring Boot version 3 (#1477) Nanne Baars 2023-06-04 11:19:47 +02:00
  • ff3a2983e2
         chore: bump zxcvbn from 1.5.2 to 1.7.0 (#1471) dependabot[bot] 2023-06-02 16:21:17 +02:00
  • 6f0b88f9b6
         chore: bump cglib-nodep from 2.2 to 3.3.0 (#1470) dependabot[bot] 2023-06-02 16:06:55 +02:00
  • 9d9fb092be
         chore: bump maven-enforcer-plugin from 3.2.1 to 3.3.0 (#1468) dependabot[bot] 2023-06-02 09:01:54 +02:00
  • 4bc53a6666
         chore: bump maven-checkstyle-plugin from 3.1.2 to 3.2.1 (#1472) dependabot[bot] 2023-06-02 08:54:21 +02:00
  • 61d5fb9ece
         chore: bump jsoup from 1.15.4 to 1.16.1 (#1484) dependabot[bot] 2023-06-02 08:43:43 +02:00
  • 6eafa45e4c chore: bump jacoco-maven-plugin from 0.8.8 to 0.8.10 dependabot[bot] 2023-05-01 10:10:21 +00:00
  • ac6de9d788 Fix typo of HijackSession_content0.adoc caputdraconis 2023-04-01 16:00:28 +09:00
  • f6855bf6a5
         chore: bump guava from 30.1-jre to 31.1-jre (#1448) dependabot[bot] 2023-04-06 11:55:22 +02:00
  • f7b4af5023
         chore: bump bootstrap from 3.3.7 to 5.2.3 (#1441) dependabot[bot] 2023-04-06 11:55:08 +02:00
  • e720eec5f9
         chore: bump jruby from 9.3.6.0 to 9.4.2.0 (#1454) dependabot[bot] 2023-04-06 11:54:51 +02:00
  • a43a6125e8
         chore: bump actions/cache from 3.2.6 to 3.3.1 (#1453) dependabot[bot] 2023-04-06 11:54:05 +02:00
  • d3e2164716
         chore: bump asm from 9.1 to 9.5 (#1460) dependabot[bot] 2023-04-06 11:53:50 +02:00
  • cbf2e153d9 Restrict SSRF Regexes Loris Sierra 2023-03-07 17:37:30 +01:00
  • 0795ff0fc5 chore: bump commons-io from 2.6 to 2.11.0 dependabot[bot] 2023-02-27 09:32:09 +00:00
  • d7cdfeec2a chore: bump webdrivermanager from 4.3.1 to 5.3.2 dependabot[bot] 2023-02-27 09:32:17 +00:00
  • 491fe2d84d chore: bump maven-enforcer-plugin from 3.0.0 to 3.2.1 dependabot[bot] 2023-02-27 09:32:13 +00:00
  • a509e8e24e chore: bump commons-text from 1.9 to 1.10.0 dependabot[bot] 2023-02-27 09:32:04 +00:00
  • e50986a098
         fix: challenge 7 (#1433) Nanne Baars 2023-02-22 22:55:48 +01:00
  • 61dac201f0 Add coverage profile Àngel Ollé Blázquez 2023-02-21 00:40:46 +01:00
  • c5629be618
         chore: bump spotless-maven-plugin from 2.29.0 to 2.33.0 (#1426) dependabot[bot] 2023-02-22 13:36:24 +01:00
  • df8c83fe74
         chore: bump eclipse-temurin from 17-jre-focal to 19-jre-focal (#1427) dependabot[bot] 2023-02-22 13:36:07 +01:00
  • 6d3813c2ce
         chore: bump commons-compress from 1.21 to 1.22 (#1428) dependabot[bot] 2023-02-22 13:35:52 +01:00
  • ecfa0197af
         chore: bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M9 (#1429) dependabot[bot] 2023-02-22 13:35:36 +01:00
  • 8467ae8a0b
         chore: bump jsoup from 1.14.3 to 1.15.4 (#1430) dependabot[bot] 2023-02-22 13:35:20 +01:00
  • 5243fa2bf2
         chore: bump jose4j from 0.7.6 to 0.9.3 (#1431) dependabot[bot] 2023-02-22 13:35:01 +01:00
  • 36f99dede8 Bump actions/cache from 3.2.5 to 3.2.6 dependabot[bot] 2023-02-22 09:15:51 +00:00
  • 5dbe2eaf19 refactor: update challenge code - Flags are now wired through a Spring config - Introduced Flag class - Removed Flags from the FlagController Nanne Baars 2023-02-22 10:32:41 +01:00
  • 1b49b2fd3b chore: format markdown file Nanne Baars 2023-02-22 10:31:10 +01:00
  • b49c61636b ci: add maven and docker to dependabot configuration Nanne Baars 2023-02-21 20:56:53 +01:00
  • 8269207d6b docs: add documentation we start using Conventional Commits. Fixes #1022 Nanne Baars 2023-02-17 14:58:02 +01:00
  • de2f568229 chore: back to snapshot version after release Nanne Baars 2023-02-17 14:48:37 +01:00
  • 9f6cf39ff2 ci: add distribution in snapshot job Nanne Baars 2023-02-17 14:48:01 +01:00
  • 19d54dbe95 chore: release version 2023.4 Nanne Baars 2023-02-17 13:07:22 +01:00
  • 3fd66ee9d9 chore: release version 2023.4 v2023.4 Nanne Baars 2023-02-17 13:07:22 +01:00
  • 5ef865a54b chore: release version 2023.4 v2023.04 Nanne Baars 2023-02-17 13:07:22 +01:00
  • 0f38519ecf ci: add step for pushing Docker desktop image Nanne Baars 2023-02-17 12:46:16 +01:00
  • 4c95c9ec6a ci: add step to build and verify Docker image Nanne Baars 2023-02-16 21:40:34 +01:00
  • f6c7a54931 docs: add screenshot to README and add Docker WebGoat desktop text Nanne Baars 2023-02-16 21:39:06 +01:00
  • f1012c85d6 feat: add Docker desktop version of WebGoat with all tools installed The new Docker image uses linuxserver/webtop giving users the opportunity to run a Linux desktop in their browser without installing any tools on their local machine. Nanne Baars 2023-02-16 21:34:26 +01:00
  • ecfc321f14 feature: Add extra feedback once someone solves JWT refresh lesson differently One can solve this lesson by using alg:none instead of using the refresh token flow. Instead of adding a check to force using the refresh token we opt for giving the user extra feedback. Nanne Baars 2023-02-16 17:32:13 +00:00
  • 73b8c431fc chore: use constructor instead of field dependency injection Nanne Baars 2023-02-16 14:11:59 +00:00