This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Lesson Plans"
From OWASP
(Reverting to last version not containing links to www.textgetvar.com) |
|||
| (7 intermediate revisions by 4 users not shown) | |||
| Line 2: | Line 2: | ||
__TOC__ | __TOC__ | ||
| − | The | + | The lesson plans included WebGoat 5.0 (1/31/07) include: |
{| border=1 | {| border=1 | ||
| − | |||
|- | |- | ||
| − | || HTTP | + | || General || HTTP Basics |
|- | |- | ||
| − | || | + | || || HTTP Splitting and Cache Poisining |
|- | |- | ||
| − | || How to | + | || || How to Exploit Thread Safety Problems |
|- | |- | ||
| − | || How to | + | || || How to add a new WebGoat lesson |
|- | |- | ||
| − | || How to | + | || Code Quality || How to Discover Clues in the HTML |
|- | |- | ||
| − | || How to | + | || Unvalidated Parameters || How to Exploit Hidden Fields |
|- | |- | ||
| − | || How to | + | || || How to Exploit Unchecked Email |
|- | |- | ||
| − | || How to Bypass | + | || || How to Bypass Client Side JavaScript Validation |
|- | |- | ||
| − | || | + | || Broken Access Control || Using an Access Control Matrix |
|- | |- | ||
| − | || | + | || || How to Bypass a Path Based Access Control Scheme |
|- | |- | ||
| − | || How to | + | || || How to Perform Cross Site Request Forgery (CSRF) |
|- | |- | ||
| − | || | + | || || LAB: Role based Access Control |
|- | |- | ||
| − | || | + | || || Remote Admin Access |
|- | |- | ||
| − | || | + | || Broken Authentication || Forgot Password |
|- | |- | ||
| − | || How to | + | || || How to Spoof an Authentication Cookie |
|- | |- | ||
| − | || How to | + | || || How to Hijack a Session |
|- | |- | ||
| − | || | + | || || Basic Authentication |
|- | |- | ||
| − | || | + | || Cross Site Scripting (Xss) || LAB: Cross Site Scripting |
|- | |- | ||
| − | || How to Perform Cross Site | + | || || How to Perform Stored Cross Site Scripting (XSS) |
|- | |- | ||
| − | || How to Perform | + | || || How to Perform Reflected Cross Site Scripting (XSS) |
|- | |- | ||
| − | || | + | || || [[HTTPOnly]] Test |
|- | |- | ||
| − | || How to Perform | + | || || How to Perform Cross Site Tracing (XST) Attacks |
|- | |- | ||
| − | || | + | || Buffer Overflows || Buffer Overflow |
|- | |- | ||
| − | || How to Perform | + | || Injection Flaws || How to Perform Command Injection |
|- | |- | ||
| − | || How to Perform | + | || || How to Perform Blind SQL Injection |
|- | |- | ||
| − | || How to | + | || || How to Perform Numeric SQL Injection |
|- | |- | ||
| − | || How to | + | || || How to Perform Log Spoofing |
|- | |- | ||
| − | || | + | || || How to Perform XPATH Injection |
|- | |- | ||
| − | || How to | + | || || How to Perform String SQL Injection |
|- | |- | ||
| − | || | + | || || LAB: SQL Injection |
|- | |- | ||
| − | || How to | + | || || How to Use Database Backdoors |
|- | |- | ||
| − | || How to | + | || Improper Error Handling || How to Bypass a Fail Open Authentication Scheme |
|- | |- | ||
| − | || | + | || Insecure Storage || Encoding Basics |
|- | |- | ||
| − | || | + | || Denial of Service || Denial of Service From Multiple Logins |
|- | |- | ||
| − | || | + | || Insecure Configuration Management || Forced Browsing |
|- | |- | ||
| − | || The Challenge | + | || Web Services || How to Create a SOAP Request |
| + | |- | ||
| + | || || WSDL Scanning | ||
| + | |- | ||
| + | || || Web Service SAX Injection | ||
| + | |- | ||
| + | || || Web Service SQL Injection | ||
| + | |- | ||
| + | || AJAX Security || DOM Injection | ||
| + | |- | ||
| + | || || XML Injection | ||
| + | |- | ||
| + | || || JSON Injection | ||
| + | |- | ||
| + | || || Silent Transactions Attacks | ||
| + | |- | ||
| + | || Challenge || The Challenge | ||
| + | |- | ||
| + | |||
|- | |- | ||
|} | |} | ||
Latest revision as of 18:28, 27 May 2009
WebGoat User Guide Table of Contents
The lesson plans included WebGoat 5.0 (1/31/07) include:
| General | HTTP Basics |
| HTTP Splitting and Cache Poisining | |
| How to Exploit Thread Safety Problems | |
| How to add a new WebGoat lesson | |
| Code Quality | How to Discover Clues in the HTML |
| Unvalidated Parameters | How to Exploit Hidden Fields |
| How to Exploit Unchecked Email | |
| How to Bypass Client Side JavaScript Validation | |
| Broken Access Control | Using an Access Control Matrix |
| How to Bypass a Path Based Access Control Scheme | |
| How to Perform Cross Site Request Forgery (CSRF) | |
| LAB: Role based Access Control | |
| Remote Admin Access | |
| Broken Authentication | Forgot Password |
| How to Spoof an Authentication Cookie | |
| How to Hijack a Session | |
| Basic Authentication | |
| Cross Site Scripting (Xss) | LAB: Cross Site Scripting |
| How to Perform Stored Cross Site Scripting (XSS) | |
| How to Perform Reflected Cross Site Scripting (XSS) | |
| HTTPOnly Test | |
| How to Perform Cross Site Tracing (XST) Attacks | |
| Buffer Overflows | Buffer Overflow |
| Injection Flaws | How to Perform Command Injection |
| How to Perform Blind SQL Injection | |
| How to Perform Numeric SQL Injection | |
| How to Perform Log Spoofing | |
| How to Perform XPATH Injection | |
| How to Perform String SQL Injection | |
| LAB: SQL Injection | |
| How to Use Database Backdoors | |
| Improper Error Handling | How to Bypass a Fail Open Authentication Scheme |
| Insecure Storage | Encoding Basics |
| Denial of Service | Denial of Service From Multiple Logins |
| Insecure Configuration Management | Forced Browsing |
| Web Services | How to Create a SOAP Request |
| WSDL Scanning | |
| Web Service SAX Injection | |
| Web Service SQL Injection | |
| AJAX Security | DOM Injection |
| XML Injection | |
| JSON Injection | |
| Silent Transactions Attacks | |
| Challenge | The Challenge |
For each lesson within WebGoat, an overview and objectives are provided. These are accessed through the Show Lesson Plan button.
These lesson plans describe the operation of each aspect of the target application, the areas of interest relating to the security assessment and the type of attack that should be attempted.
