Difference between revisions of "OWASP Autumn of Code 2006 - Projects: Web Goat - Progress"
[[OWASP_Autumn_of_Code_2006_-_Projects:_Web_Goat|Project Main Page]]
Revision as of 16:39, 29 May 2009
Lessons to be Implemented:
- DOM Injection - Done
- XML Injection - Done
- XMLRPC Attacks - Replaced by JSON Injection - Done
- Silent Transactional Authorizational Attacks - Done
- HTTP Splitting - Done
- Log Spoofing - Done
- Cache Poisoning - Done
- Cross-Site Request Forgery (CSRF) - Done
- Back Doors - Done
- XPATH Injection - Done
- Buffer Overflow - Will be taken care of by Bruce
- How to Perform Parameter Injection - Replaced by the "How to Add a New Lesson" lesson - Done
- Forced Browsing - Done
- Manual and Installation Guide - Done
Daily Notes
Week 01 - Oct 08
- Checked out the source code.
- Built the project from scratch
- Got the environment ready
- Added a skeleton for the HTTP Splitting lesson
- Worked on updating the project page
- Finished working on the HTTP Splitting lesson and committed the code.
- Started investigating the CSRF (Cross-Site Request Forgery) attacks.
Week 02 - Oct 15
Week 03 - Oct 22
- Finished working on Cross-Site Request Forgery Attacks.
Week 04 - Oct 29
- Continued working on Log Spoofing lesson.
- Finished working on Log Spoofing lesson.
- Started working on Parameter Injection and Forced Browsing lessons
Week 05 - Nov 05
- Finished and submitted Log Spoofing lesson
- Finished and submitted Forced Browsing lesson.
Week 06 - Nov 12
- Added the "How to Add a New Lesson" lesson.
- Started working on the AJAX-specific lessons
Week 07 - Nov 19
- Worked on XML injection attacks
- Started working on DOM injection attacks
Week 08 - Nov 26
Week 09 - Dec 03
- Started working on integrating WebGoat to OSG.
- Got OSG working locally.
- Started working on a filter for the requests that can be enabled or disabled using the config file (web.xml).
- Started working on the first AJAX lesson: DOM Injection.
Week 10 - Dec 10
- Finished working on a Tomcat connector to OSG.
- Finished working on DOM Injection lesson
Week 11 - Dec 17
- Worked on cache poisoning
- Worked on XML Injections
- Added gratifications to HTTP Splitting
Week 12 - Dec 24
- Finished XML Injections
- Finished working on Cache Poisoning
- Added a hint for the user per Jeff's comments.
- Working on JSON injection
Week 13 - Dec 30
- Finished SQL Backdoors attacks
- Finished JSON Injection