dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • d73875e8e8 Remove empty line Nanne Baars 2019-09-24 22:41:44 +02:00
  • e783c0c1f1 SQL: Cannot use apostrophe/quotes on string literals #662 Nanne Baars 2019-09-24 22:41:20 +02:00
  • 2a6b3d189e Disable csrf through property no longer works and we already have it in WebSecurityConfig. Thymeleaf templates caching is set on the resolvers themselves Nanne Baars 2019-09-24 18:08:53 +02:00
  • 96d11697d4 SQL Injection lesson 6 minor mistakes in examples #663 Nanne Baars 2019-09-24 17:36:53 +02:00
  • a0933d83d5 Reworked all the SQL statements to be uppercase Nanne Baars 2019-09-24 16:50:04 +02:00
  • 9fdbbf69d6 Proposition for fixing broken/improving links (#686) Cotonne 2019-10-16 17:29:27 +02:00
  • 1f00d461a8 cleaned logs and changed username length for csrf-uuid Rene Zubcevic 2019-10-14 21:49:44 +02:00
  • 6dc679e7b8 final tests and fixed the issue of getting the name of the loggedinuser Rene Zubcevic 2019-10-14 21:14:18 +02:00
  • 00873cfe3f csrf7 test cases added Rene Zubcevic 2019-10-14 06:40:42 +02:00
  • e932253f06 initial test cases added Rene Zubcevic 2019-10-13 16:04:41 +02:00
  • 8d7142e6d3 upgrade ascii doc with support for link in new tab Rene Zubcevic 2019-10-10 14:01:32 +02:00
  • e0ac4a1083
         lessons in correct order and scoreboard visible again (#680) René Zubcevic 2019-10-10 09:45:43 +02:00
  • f140875156
         fixed views for password reset (#679) René Zubcevic 2019-10-10 07:50:47 +02:00
  • 18d43f16d3
         working version with fixed link and GET for tracing purposes (#677) René Zubcevic 2019-10-09 09:58:35 +02:00
  • aee4b74202 Update Receiving_mail.adoc (#676) Atharva Vaidya 2019-10-03 21:52:54 +05:30
  • b481ed70e8 Fix typo in SQL Injection(Introduction) (#675) Choe Hyeong Jin 2019-10-03 17:01:35 +09:00
  • fd7fb4cfbc
         seems that we forgot about this one in the spring-boot-2 upgrade (#674) René Zubcevic 2019-10-02 14:52:21 +02:00
  • 663224d06a
         xxe path info (#670) René Zubcevic 2019-10-02 09:59:32 +02:00
  • 7536770769
         deserialization made solvable again (#673) René Zubcevic 2019-10-02 08:26:48 +02:00
  • 6c14f4987c Update IntroductionWebWolf.adoc René Zubcevic 2019-09-29 14:50:41 +02:00
  • 3d38ed7680 some text change Rene Zubcevic 2019-09-27 15:42:49 +02:00
  • 1a11702979 NL intro Rene Zubcevic 2019-03-26 16:34:46 +01:00
  • 0319c477b1
         XSS lesson completion fixes (#669) René Zubcevic 2019-09-29 14:46:18 +02:00
  • 45c7949118
         Merge pull request #668 from afcidk/fix-typo René Zubcevic 2019-09-27 15:05:59 +02:00
  • 9b906a2a29 Fix typo in XXE lesson Pei Hsuan Hung 2019-09-25 00:37:36 +08:00
  • 686d8b0c85
         Merge pull request #667 from WebGoat/spring-boot-2 Nanne Baars 2019-09-24 17:09:09 +02:00
  • d080b3ef06 Review comment Nanne Baars 2019-09-24 07:36:49 +02:00
  • dad9c75ee0 Fix tests after updating from develop, changes applied for migrating to Spring Boot 2 Nanne Baars 2019-09-23 17:35:04 +02:00
  • 35c1305ce9 Merge conflicts resolved Nanne Baars 2019-09-23 07:34:27 +02:00
  • 261f947777 Fix Nanne Baars 2019-09-20 17:45:33 +02:00
  • c8ef848657 Fix Nanne Baars 2019-09-20 17:36:15 +02:00
  • f29b923eef FIx? Nanne Baars 2019-09-20 17:10:58 +02:00
  • 6fe5831f11 FIx? Nanne Baars 2019-09-20 16:46:26 +02:00
  • cf00454f8b Testing issue Nanne Baars 2019-09-20 08:30:07 +02:00
  • e8d086ac9b All successful Nanne Baars 2019-09-20 07:59:04 +02:00
  • 3ec4592fb2
         Merge pull request #657 from WebGoat/xxe-int-test René Zubcevic 2019-09-19 18:09:02 +02:00
  • d7a2596670 Update lesson template Nanne Baars 2019-09-19 07:54:30 +02:00
  • 9c431eb2a3 Remove (was not generated btw) Nanne Baars 2019-09-18 18:03:40 +02:00
  • 1be9397c21 Add notifications from Travis Nanne Baars 2019-09-18 18:02:14 +02:00
  • 82ad0a7cc7 Finally working Nanne Baars 2019-09-18 17:53:43 +02:00
  • 4777dab57a review comments processed René Zubcevic 2019-09-18 17:46:32 +02:00
  • a5cb5b0e8e removed log in checkresults Rene Zubcevic 2019-09-18 16:16:44 +02:00
  • 30d38f9b56 completed test Rene Zubcevic 2019-09-18 16:10:52 +02:00
  • ec236a4ff5 First steps in XXE integration tests Rene Zubcevic 2019-09-18 14:48:34 +02:00
  • 57e6a84cef fixed and improved first two jwt challenges Rene Zubcevic 2019-09-17 08:35:34 +02:00
  • 2b01cbcb75 Fixed last tests Nanne Baars 2019-09-16 07:43:22 +02:00
  • f774364461 Working unit tests Nanne Baars 2019-09-13 20:05:25 +02:00
  • 04f1b9a282 Update to the copyright Nanne Baars 2019-09-13 19:27:25 +02:00
  • 71dea87653 WebWolf test working again Nanne Baars 2019-09-13 19:25:09 +02:00
  • dceb375d5e WIP Nanne Baars 2019-09-13 18:57:40 +02:00
  • 5e6f825e64 WIP Nanne Baars 2019-09-13 16:42:13 +02:00
  • 361249c666 First attempt at moving to Spring Boot 2 Nanne Baars 2019-09-12 17:22:03 +02:00
  • fb2e11fe11 fix for complete progress of sql mitigations and integration test René Zubcevic 2019-09-10 09:00:13 +02:00
  • a56f41e0ea Merge branch 'pr/579' into develop Nanne Baars 2019-09-10 13:55:43 +02:00
  • 43c25dc3bb Modified PR to reflect coding style Nanne Baars 2019-09-10 13:53:30 +02:00
  • 6e9a52a05e
         Merge pull request #647 from WebGoat/separate_project René Zubcevic 2019-09-09 14:05:21 +02:00
  • f7c8a271aa Fixed small typos Nanne Baars 2019-09-09 13:55:24 +02:00
  • 7a4f6e6fd3 Merge branch 'JeffreyWagnerBHN-develop' into develop Nanne Baars 2019-09-09 13:54:38 +02:00
  • aec051a9f1 Fixed minor spelling mistake ephemeralwaves 2019-09-06 12:05:50 -04:00
  • bf52e7a992 Fixed checking of server already running Nanne Baars 2019-09-09 11:37:26 +02:00
  • 0982bd982c Review comments processed: - Ports can now be changed - User is now a default user making it easier to login and look around after a failure Nanne Baars 2019-09-08 18:52:12 +02:00
  • 75a174ff7b Fixed description and grammer Jeffrey Wagner 2019-09-06 21:12:55 -04:00
  • 2283f945a9 Fix failing configuration Nanne Baars 2019-08-25 17:53:36 +02:00
  • ff530e926e Use separate project for integration tests so we can start WebGoat and WebWolf Nanne Baars 2019-08-25 17:43:14 +02:00
  • 139651615e Make lesson csrf-7 stricter (do not allow invalid JSON, e.g. trailing =) Matthias Grundmann 2019-07-12 16:49:57 +02:00
  • 924a53c22a fixed sql adv 5 progress and added prove in integration test René Zubcevic 2019-08-22 13:48:48 +02:00
  • c93563da3f
         Merge pull request #643 from TortugaAttack/multipleTracker45 René Zubcevic 2019-08-22 15:07:59 +02:00
  • 73553d91d3
         Merge pull request #639 from jskiba99/patch-2 René Zubcevic 2019-08-22 11:14:38 +02:00
  • f0d1555a09 Fixed #45 - multiple tracker for one user fixed TortugaAttack 2019-08-21 23:38:27 +02:00
  • 6d36e7db74 Added new endpoint for POST so it will give feedback to the UI. It now ended up in a HTTP/405 which does not give any feedback to the UI Nanne Baars 2019-08-17 13:52:59 +02:00
  • e01c2a35ce Add test case for security question assignment and the tracking is now done with a session scoped bean Nanne Baars 2019-08-06 19:03:40 +02:00
  • 7d9f24c86b
         Update CrossSiteScripting_content9.adoc Jacob Skiba 2019-08-06 05:26:05 -04:00
  • 18eee4df58 Fix for issue with timestamp not being parsed when sending to WebWolf timestamp was already fixed at LocalDateTime.now() however WebGoat still send the timestamp along, removed it Nanne Baars 2019-07-28 20:50:19 +02:00
  • e61c943f97 #601 bug: username is case sensitive, but email in general is not Opted for completing remove support for uppercase letters in username this way we never come across issued with casing in WebGoat Nanne Baars 2019-07-28 20:48:20 +02:00
  • d2e23f6b8e reduce logging René Zubcevic 2019-07-25 10:59:37 +02:00
  • ffbc808e26 Integration test support René Zubcevic 2019-07-25 10:49:25 +02:00
  • ae674b9297
         Merge pull request #620 from zubcevic/july2019-bugfixes René Zubcevic 2019-07-25 08:39:34 +02:00
  • 33c73a7dca Adding new developer Nanne Baars 2019-07-19 15:07:18 +02:00
  • 216b29fca2 Clean up in pom files Nanne Baars 2019-07-19 14:30:58 +02:00
  • ee0988effe
         Merge pull request #627 from WebGoat/gh-jwhite-patch-1 misfir3 2019-07-23 14:19:26 -06:00
  • 67440a6cc8
         Delete do-not-merge.md gh-jwhite 2019-07-23 14:18:51 -06:00
  • 6c8921a951
         Merge pull request #625 from WebGoat/another-ci-fail-test gh-jwhite 2019-07-23 11:41:35 -06:00
  • b395be9bd0
         Create do-not-merge.md gh-jwhite 2019-07-23 10:38:25 -06:00
  • 7ad3996f2f fix 6a6b page Rene Zubcevic 2019-07-22 15:36:31 +02:00
  • b65644edee progress fix for SqlInjectionMitigations Rene Zubcevic 2019-07-22 12:16:18 +02:00
  • ea38973068 UTF-8 config added for ThymeLeaf Rene Zubcevic 2019-07-22 08:21:34 +02:00
  • 7d0a63ac95 small html changes to improve progress René Zubcevic 2019-07-20 09:34:27 +02:00
  • f9e78739f3 reverted mandatory file encoding which will make it worse on windows René Zubcevic 2019-07-20 09:13:21 +02:00
  • 656fa40182 style sheet and advanced sql Rene Zubcevic 2019-07-19 16:49:30 +02:00
  • 99435a1073 increased sql form fields and fixed chrome progress Rene Zubcevic 2019-07-19 12:16:06 +02:00
  • 9471e53818 Fix image names for google chrome dev tools lesson Johannes Egger 2019-06-14 19:35:17 +02:00
  • d814522223 Fix test for HTTP proxy lesson Johannes Egger 2019-06-14 14:56:33 +02:00
  • 2eaf263e81 Improve task description for HTTP proxy lesson Johannes Egger 2019-06-14 14:56:10 +02:00
  • 41f252970b corrected path in pom Rene Zubcevic 2019-05-21 08:30:46 +02:00
  • 63a1097466 owasp categories Rene Zubcevic 2019-04-02 18:07:53 +02:00
  • bc0d803123 add login&pwd in JDBC url for PostgreSQL Sylvain Juge 2019-05-13 11:25:38 +02:00
  • 12de48ebbb additional environment entries to support https on webgoat Rene Zubcevic 2019-05-09 12:24:28 +01:00
  • 62fbd6d340
         Merge pull request #610 from johannesegger/patch-1 misfir3 2019-07-12 17:21:46 -06:00
  • e36b4c3910
         Merge pull request #618 from matthias-g/csrf-3-post misfir3 2019-07-12 17:16:23 -06:00
  • 97f66545e0
         In CSRF-3 use POST instead of GET to prevent solving the assignment just by opening the URL in a new tab Matthias Grundmann 2019-07-12 17:25:05 +02:00