team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

okay, a lot of changes but this basically gets us out of tutorials being hosted locally

Browse Source
This commit is contained in:
cktricky
2015-03-25 19:32:12 -04:00
parent f8c771a84b
commit efe81fb6a6
55 changed files with 168 additions and 4062 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/views/tutorials/access_control.html.erb
-17
View File
@@ -1,17 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/access_control/access_control_first" %>
</div> <!-- End Span12 -->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="access_control"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/broken_auth.html.erb
-32
View File
@@ -1,32 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/broken_auth_sess/user_pass_enum")%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/broken_auth_sess/password_complexity")%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/broken_auth_sess/insecure_compare")%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/broken_auth_sess/httponly_flag")%>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="broken_auth"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/csrf.html.erb
-17
View File
@@ -1,17 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12-->
<%= render :partial => "layouts/tutorial/csrf/csrf_first"%>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="csrf"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/exposure.html.erb
-30
View File
@@ -1,30 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Beginning of span-->
<%= render :partial => "layouts/tutorial/exposure/password_hashing" %>
</div> <!-- End of span-->
</div>
<div class="row-fluid">
<div class="span12">
<%= render :partial => "layouts/tutorial/exposure/ssn" %>
</div>
</div>
<div class="row-fluid">
<div class="span12">
<%= render :partial => "layouts/tutorial/exposure/model_attributes_exposure" %>
</div>
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="exposure"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/gauntlt.html.erb
-36
View File
@@ -1,36 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12-->
<div class="widget">
<div class="widget-header">
<div class="title">
<span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> Gauntlet
</div>
</div>
<div class="widget-body">
<p class="desc">
Gauntlt is a tool used for unit testing leveraging third-party tools. We've baked this into Railsgoat so that you can play with it. <br/><br/> To learn more about this tool, please visit their site at: <%= link_to "Gauntlet Github Repository", "https://github.com/gauntlt/gauntlt", {:style =>"color: rgb(181, 121, 158);"} %></p>
<p class="desc">
All *.attack files are contained under the gauntlt_scripts directory. We have provided a simple.attack file that demonstrates the tool works. If errors occur, please submit a bug through our github powered issue tracking system.
</p>
<p class="desc">
To run this tool type this via the command line: <br/><br/>$ gauntlt
</p>
</div>
</div>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function openSub(){
$('li[id="gauntlt"]').addClass('active');
$('li[id="submenu"]').addClass('active open');
};
$(document).ready(openSub);
</script>
app/views/tutorials/guard.html.erb
-28
View File
@@ -1,28 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span6">
<div class="widget">
<div class="widget-header">
<div class="title">
<span class="fs1" aria-hidden="true" data-icon="&#xe012;"></span> Using Guard with Brakeman and Bundle-Audit
</div>
</div>
<div class="widget-body">
<iframe src="http://player.vimeo.com/video/63901340" width="500" height="281" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe>
</div>
</div>
</div>
</div>
</div>
<script type="text/javascript">
function openSub(){
$('li[id="guard"]').addClass('active');
$('li[id="submenu"]').addClass('active open');
};
$(document).ready(openSub);
</script>
app/views/tutorials/index.html.erb
-71
View File
@@ -1,71 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<h1> Welcome to RailsGoat </h1>
<h3> Tutorial Guide </h3>
<!-- Begin Main Section -->
<div id="main" class="row-fluid">
<div class="span12">
<h6>Railsgoat can be used by either software developers or security professionals as a means of training themselves on Ruby on Rails security.
We describe software developers as "builders" and security professionals as "breakers".
<br/><br/>Please choose the category that you fall under for more information.
</h6><br/><br/>
<!-- Begin Buttons -->
<div class="row-fluid">
<div class="metro-navigation">
<!-- Begin Builder Button -->
<div class="nav-block block-blue double">
<a href="#">
<div class="fs1" aria-hidden="true" data-icon=></div>
<div class="brand">
Builder
</div>
</a>
</div>
<!-- End Builder Button-->
<!-- Begin Breaker Button -->
<div class="nav-block block-red double offset1">
<a id="breaker" href="#">
<div class="fs1" aria-hidden="true" data-icon=></div>
<div class="brand">
Breaker
</div>
</a>
</div>
<!-- End Breaker Button-->
</div>
</div>
<!-- End Buttons -->
</div>
</div>
<!-- End Main Section-->
<!-- Begin Tutorial Section -->
<div class="row-fluid">
<div class="span12">
<div id="info">
</div>
</div>
</div>
<!-- End Tutorial Section -->
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="tutorials_home"]').addClass('active');
};
$('#breaker').click(function(event){
event.preventDefault();
$("#main").fadeOut(500, function() {
$(this).empty().show();
});
$("#info").empty()
$("#info").load(<%= sanitize breaker_tutorials_path.inspect %>).hide().fadeIn(4000)
});
$(document).ready(makeActive);
</script>
app/views/tutorials/injection.html.erb
-27
View File
@@ -1,27 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12-->
<%= render :partial => "layouts/tutorial/injection/injection_first"%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12-->
<%= render :partial => "layouts/tutorial/injection/sqli_scope"%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12-->
<%= render :partial => "layouts/tutorial/injection/injection_command"%>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="injection"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/insecure_components.html.erb
-17
View File
@@ -1,17 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/insecure_components/insecure_components_first" %>
</div> <!-- End Span12 -->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="insecure_components"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/insecure_dor.html.erb
-17
View File
@@ -1,17 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/insecure_dor/insecure_dor_first" %>
</div> <!-- End Span12 -->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="insecure_dor"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/logic_flaws.html.erb
-24
View File
@@ -1,24 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/logic_flaws/broken_regexp")%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/logic_flaws/insecure_crypto_reuse")%>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="logic_flaws"]').addClass('active');
$('li[id="submenu"]').addClass('active open');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/mass_assignment.html.erb
-18
View File
@@ -1,18 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/mass_assignment/admin_mass_assign")%>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="mass_assignment"]').addClass('active');
$('li[id="submenu"]').addClass('active open');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/metaprogramming.html.erb
-23
View File
@@ -1,23 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12">
<%= render :partial => ("layouts/tutorial/metaprogramming/benefit_forms_constantize")%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12">
<%#= render :partial => ("layouts/tutorial/metaprogramming/send")%>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="metaprogramming"]').addClass('active');
$('li[id="submenu"]').addClass('active open');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/misconfig.html.erb
-22
View File
@@ -1,22 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12-->
<%= render :partial => "layouts/tutorial/misconfig/misconfig_first"%>
</div> <!-- End Span12-->
</div>
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12-->
<%= render :partial => "layouts/tutorial/misconfig/misconfig_second"%>
</div> <!-- End Span12-->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="misconfig"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/redirects.html.erb
-17
View File
@@ -1,17 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/redirects/redirects_first"%>
</div> <!-- End Span12 -->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="redirects"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/ssl_tls.html.erb
-17
View File
@@ -1,17 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/ssl_tls/ssl_tls_first" %>
</div> <!-- End Span12 -->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="ssl_tls"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/url_access.html.erb
-17
View File
@@ -1,17 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/url_access/url_access_first" %>
</div> <!-- End Span12 -->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="url_access"]').addClass('active');
};
$(document).ready(makeActive);
</script>
app/views/tutorials/xss.html.erb
-22
View File
@@ -1,22 +0,0 @@
<div class="dashboard-wrapper">
<div class="main-container">
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/xss/xss_first"%>
</div> <!-- End Span12 -->
</div>
<div class="row-fluid">
<div class="span12"> <!-- Begin Span12 -->
<%= render :partial => "layouts/tutorial/xss/dom_xss"%>
</div> <!-- End Span12 -->
</div>
</div>
</div>
<script type="text/javascript">
function makeActive(){
$('li[id="xss"]').addClass('active');
};
$(document).ready(makeActive);
</script>