This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Category talk:OWASP WebGoat Project

Jump to: navigation, search

This is a great place to ask questions or make suggestions about WebGoat!


How to approach the WebGoat lesson---> LAB: Role Based Access Control

I couldn't login to account go further even with the help of the hints given.,

Please help me out ASAP.

Regards, Ravigopal.

Windows WAR Broken

The Windows WAR file redirects to WebGoat/lessons/redirect.jsp for HTTP Splitting; if the WebGoat install stays as WebGoat-5.0 or such, this breaks. Works on Linux.

Also the HTTP splitting lesson isn't working at all. Attempting on Windows after a reinstall.