dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • fbf2d1b422 Added validation to detect duplicate users during registration Nanne Baars 2017-04-08 08:30:14 +02:00
  • a3d2ed171a First steps for challenge 2 Nanne Baars 2017-04-08 08:04:16 +02:00
  • dc245bd1e7 Updated README for building and starting WebGoat Nanne Baars 2017-03-23 22:00:52 +01:00
  • f7c060ec81 Fixing Travis build Nanne Baars 2017-03-23 21:54:02 +01:00
  • 9833637abf Fixed exception while logging in with unknown user Nanne Baars 2017-03-23 21:46:21 +01:00
  • 5156b05aac Fixed logout Nanne Baars 2017-03-23 21:03:20 +01:00
  • 9f7f68f1f4 wip Nanne Baars 2017-03-23 20:30:23 +01:00
  • debc1e4b73 Added more for challenge 1 including input form group for flag Nanne Baars 2017-03-23 16:12:04 +01:00
  • 36b10c07bc First attempt for challenge Nanne Baars 2017-03-23 11:49:34 +01:00
  • 98000d6002 Fixing links in several lessons Nanne Baars 2017-03-23 09:37:53 +01:00
  • 634a4c75b6 Fix path to javascript file Gerard de Leeuw 2017-03-30 17:49:17 +02:00
  • e094dd6d14 Typo's Gerard de Leeuw 2017-03-30 16:56:42 +02:00
  • 034bcf1305 Fixing Travis build Nanne Baars 2017-03-22 20:53:10 +01:00
  • 7f9af71c4c Updating Docker files to reflect new naming of the server standalone jar Nanne Baars 2017-03-22 17:43:46 +01:00
  • 90eee0e2d8 Adding write_delay option to hsql database (otherwise users were not persisted in database correctly) Nanne Baars 2017-03-22 17:04:44 +01:00
  • c14b172503 Removed default values from login screen Nanne Baars 2017-03-22 15:53:50 +01:00
  • 53d30e2274 Fixed saving lesson tracker with reloadable classloader Nanne Baars 2017-03-22 15:51:57 +01:00
  • 259fd19c1b - Introduced user registration - Now using Spring Boot for classloading, this way local development does not need to restart the complete server - Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson. - Simplied loading of resources, by adding resource mappings in MvcConfig. - Refactored plugin loading, now only one class is left for loading the lessons. Nanne Baars 2017-02-25 12:15:07 +01:00
  • 9b86aaba05 Adding challenge Nanne Baars 2017-03-22 00:09:17 +01:00
  • ad3e9439ec [fix] SQLi Lessons 6a-b: lesson passed's boolean hillstonenet-interns-bj 2017-02-27 16:24:15 +08:00
  • f5c3610aba [fix] path in HttpProxies html file was wrong hillstonenet-interns-bj 2017-02-22 14:11:21 +08:00
  • 26ab0dc712 Added support to build an Docker container to run it on Raspberry Pi (#329) Kristoffer Schneider 2017-03-02 21:31:40 +01:00
  • 2b9185d85f Merge pull request #328 from misfir3/develop Nanne Baars 2017-03-02 21:31:04 +01:00
  • f71d02fc6a Merge branch 'develop' into develop Nanne Baars 2017-03-02 21:24:09 +01:00
  • 2d6235e4f0 Provide Server-side service to support UI localization #265 - Now also enabled for adoc Nanne Baars 2017-02-07 21:54:34 +01:00
  • 153dc57731 Basic solutions cheat file for now Jason White 2017-02-17 16:18:57 -05:00
  • 3193b591d8 commenting out latter part of XSS for now Jason White 2017-02-17 16:18:36 -05:00
  • ac6e8b59b7 XSS updates Jason White 2017-02-17 15:59:38 -05:00
  • d99a1d8448 temp. dep. mgmt resolution Jason White 2017-02-17 14:53:23 -05:00
  • 7f532f0ffc XSS lesson updates Jason White 2017-02-17 13:05:54 -05:00
  • af8f8c27a6 moving controls to top of content Jason White 2017-02-16 14:56:08 -05:00
  • 0763eac26b Merge remote-tracking branch 'upstream/develop' into develop Jason White 2017-02-16 09:09:58 -05:00
  • d8cc2de080 resolving conflicts merge Jason White 2017-02-16 09:08:19 -05:00
  • 0de569339c Cleanup of vulnerable components mayhew64 2017-02-08 11:37:11 -05:00
  • 27947cca96 Fixed the SQL Injection to return results upon success mayhew64 2017-02-08 00:01:44 -05:00
  • 33e807797c Xstream RCE works now mayhew64 2017-02-07 23:51:05 -05:00
  • 65d728dfff Solved issue with POST in vulnerable components lesson Nanne Baars 2017-02-07 23:49:26 +01:00
  • 8d3b028acc Solved issue with POST in vulnerable components lesson Nanne Baars 2017-02-07 23:38:57 +01:00
  • a00546638a Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop mayhew64 2017-02-07 16:06:45 -05:00
  • b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty mayhew64 2017-02-07 16:05:30 -05:00
  • 92533b4fc1 Fixed grammatical error Charles Truluck 2017-02-03 18:49:29 -05:00
  • 4664669ff2 cleaning up, fixing selected lesson class/es Jason White 2017-01-31 14:47:35 -05:00
  • 40844bd823 #319 updated content for proxy Jason White 2017-01-31 11:38:57 -05:00
  • 85ef7ee1a4 Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop mayhew64 2017-02-06 09:19:29 -05:00
  • ae82df3fb4 Fixed issue with loading messages in different language. As a standalone jar you can write properties back to messages.properties, this approach worked when you run with exploded classpath (target/classes etc). However failed when running inside Docker container. Nanne Baars 2017-02-05 21:54:07 +01:00
  • d25700434e Added tests for assignments Nanne Baars 2017-01-31 21:51:38 +01:00
  • f72f0dbddc Merge branch 'develop' of github.com:misfir3/WebGoat into develop Jason White 2017-01-31 14:49:48 -05:00
  • b4106919d0 cleaning up, fixing selected lesson class/es Jason White 2017-01-31 14:47:35 -05:00
  • 4d2edfa146 #319 updated content for proxy Jason White 2017-01-31 11:38:57 -05:00
  • 675c506683 cleaning up, fixing selected lesson class/es Jason White 2017-01-31 14:47:35 -05:00
  • 4b99eb6d4c Merge remote-tracking branch 'upstream/develop' into develop Jason White 2017-01-31 12:02:25 -05:00
  • 21659ac298 Add Thymeleaf th:href usage instead of pageContext.request.contextPath (#323) erhun 2017-01-31 19:01:41 +02:00
  • ee5a12d205 Provide Server-side service to support UI localization #265 (#322) Nanne Baars 2017-01-31 17:52:33 +01:00
  • 1b2f54accc #319 updated content for proxy Jason White 2017-01-31 11:38:57 -05:00
  • fbd37b39bd Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop mayhew64 2017-01-28 11:05:16 -05:00
  • ef3779ec13 Draft Vuln components mayhew64 2017-01-28 11:05:09 -05:00
  • 30bdc89164 Adding Vulnerable Components Category mayhew64 2017-01-28 11:01:05 -05:00
  • a564ff2038 adding in Vulnerable Components lesson mayhew64 2017-01-28 10:59:44 -05:00
  • 355393352e Merge pull request #320 from misfir3/develop Bruce Mayhew 2017-01-28 10:52:32 -05:00
  • a0451eeb3a Adding 'sorted' to lambda/stream Jason White 2017-01-27 15:41:46 -05:00
  • 74dd74d4cc formatting update Jason White 2017-01-27 15:40:57 -05:00
  • 2b31a19143 #319 Jason White 2017-01-27 15:39:31 -05:00
  • f3884fe605 #318 providing support for multiple jQuery versions and exposing it via webgoat.customjs namespace Jason White 2017-01-27 15:31:23 -05:00
  • 693d791075 bumping jquery version to support A-9 lesson Jason White 2017-01-26 16:46:05 -05:00
  • 2af1ad99cc Merge branch 'develop' of github.com:misfir3/WebGoat into develop Jason White 2017-01-25 14:57:16 -05:00
  • 264f7e74b6 Minor clean up in assignment endpoint Jason White 2017-01-25 14:56:15 -05:00
  • f7ec164601 Adding request intercept assignment Jason White 2017-01-25 14:54:44 -05:00
  • ac16342c17 #315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor Jason White 2017-01-25 11:18:24 -05:00
  • 839ca96544 #315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor Jason White 2017-01-25 11:18:24 -05:00
  • dd76cb258c Updating e-mail address Nanne Baars 2017-01-25 06:19:55 +01:00
  • 0779f7a3d0 Hints per lesson (#314) Nanne Baars 2017-01-24 15:34:06 +01:00
  • 6d727b98e3 Create IDOR lesson #304 - Fix put mapping Nanne Baars 2017-01-18 20:50:37 +01:00
  • 498c89c6c0 Getting current release running is hard and obscure #308 - Removed obsolete links which are also available on the wiki pages Nanne Baars 2017-01-16 21:50:14 +01:00
  • 9485362309 Getting current release running is hard and obscure #308 - README.md for develop only contains 8.0 information (removed legacy information etc) - Docker image now contains tag for version 8.0 Nanne Baars 2017-01-15 22:13:05 +01:00
  • ee0d34e2ea Merge pull request #310 from misfir3/develop Nanne Baars 2017-01-15 18:44:52 +01:00
  • badbabd439 Fixing can't login to webgoat #307 Nanne Baars 2017-01-15 16:28:19 +01:00
  • b970fe37fa turning off HttpOnly Jason White 2017-01-12 17:25:51 -05:00
  • 5d6ad6852a ignoring targets in webgoat lessons Jason White 2017-01-12 14:50:25 -05:00
  • f8b39d7d8c #303 Clear current form on successful submission Jason White 2017-01-10 15:23:15 -05:00
  • 3274ff7a93 properly scoping data submiission in onFormSubmit Jason White 2017-01-09 14:51:16 -05:00
  • ad3599f6af Merge pull request #306 from zupzup/issue_302_double_calls_on_submit misfir3 2017-01-09 15:00:55 -05:00
  • 2688c8ee77 removing debug statement Jason White 2017-01-09 14:04:48 -05:00
  • 4e9b30d7f6 #304 incremental addition for IDOR, still experiencing 400 with PUT method Jason White 2017-01-09 14:02:00 -05:00
  • 40f1d58796 Issue #302: Fix redundant calls to lessonoverview.mvc and lessonmenu.mvc on submission Mario Zupan 2017-01-07 15:46:19 +01:00
  • fe4f568fc0 #304 update to IDOR. Still experiencing 400 on EditOwnProfile endpoint Jason White 2017-01-06 13:04:03 -05:00
  • c2988eb771 #305 - update to use generic Object in map Jason White 2017-01-06 13:01:55 -05:00
  • 07b9a5d634 adding contact info. to pom Jason White 2017-01-06 13:01:08 -05:00
  • 4c5e58d1a1 minor style updates Jason White 2017-01-06 08:08:22 -05:00
  • 0a41b2813d #304 ... trying to fix prev. commit Jason White 2017-01-06 08:06:49 -05:00
  • 65eaa934ea Initial/partial commit of IDOR lesson Jason White 2017-01-05 17:30:53 -05:00
  • 00eeae911d #305 UserSessionData bean to provide stateful session data Jason White 2017-01-05 17:28:53 -05:00
  • dcab7d8abd Lesson overview simplification moving template to separate file. Nanne Baars 2017-01-01 21:06:00 +01:00
  • be8f263319 Merge pull request #299 from WebGoat/admin Nanne Baars 2016-12-31 18:36:57 +01:00
  • e2cb9ceae0 #277 Re-institute admin functionality for WebGoat 8 - Report card functionality is back Nanne Baars 2016-12-31 18:27:20 +01:00
  • 490f542885 Merge pull request #298 from WebGoat/lesson_overview Nanne Baars 2016-12-28 10:21:07 +01:00
  • 9c03b6f63b #276 Automatic lesson summary page Nanne Baars 2016-12-27 21:04:56 +01:00
  • de4e581ee4 Update .travis.yml Nanne Baars 2016-12-24 09:26:21 +01:00
  • 0d0d2258d8 Changing install to package to include lessons as well Nanne Baars 2016-12-24 09:24:22 +01:00
  • 45d48a8776 Update README.MD Nanne Baars 2016-12-23 15:58:09 +01:00
  • 282073ed2d Adding ZAP content for HTTP Basics Jason White 2016-12-22 16:37:57 -05:00