Difference between revisions of "OWASP Securing WebGoat using ModSecurity Project"

Revision as of 08:40, 24 July 2008

1.1 Background

1.2 Purpose

1.3 Talks and deliverables

1.4 Future development and long-term vision

1.5 Contributors

2.1 Overview

2.2 How it works

2.3 Lesson Table Of Contents

2.4 Overview of lesson results

3.1 Project Setup and Environment

3.2 Doing the WebGoat lessons - tips and tricks

3.3 Project organization

3.3.1 ModSecurity rules

3.3.2 SecDirData directory

3.3.3 Error pages

3.3.4 Informational and debug messages

4.1 Project metrics

4.2 Overall strategy

4.3 Using the Lua scripting language

4.4 Structure of mitigating a lesson

4.5 The mitigating solutions

Revision as of 08:37, 24 July 2008 (view source) Stephen Evans (talk \| contribs) (→‎Mitigating the WebGoat lessons) ← Older edit		Revision as of 08:40, 24 July 2008 (view source) Stephen Evans (talk \| contribs) (→‎Appendix A: The WebGoat lesson plans and solutions) Newer edit →
Line 49:		Line 49:
	4.5 The mitigating solutions		4.5 The mitigating solutions

−	==Appendix A: ~~The~~ WebGoat lesson plans and solutions==	+	== [http://www.owasp.org/index.php/OWASP_ModSecurity_Securing_WebGoat_Appendix_A_WebGoat_Lesson_Plans_and_Solutions Appendix A: WebGoat lesson plans and solutions] ==