team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
343 Commits 1 Branch 0 Tags
64bdc001611bee0ba7da8d7765f7d42b4331957a
Commit Graph

343 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
James Espinosa 64bdc00161 Add minor changes to README.md file 2013-11-14 15:04:45 -06:00
James Espinosa cae2170879 Remove unnecessary README.rdoc file 2013-11-14 15:04:45 -06:00
cktricky 810c086130 Merge branch 'master' of github.com:OWASP/railsgoat 2013-11-14 15:05:14 -05:00
cktricky 53dcc75f74 I think there was a subtle bug in the intentional security bypass within the admin controller 2013-11-14 15:05:00 -05:00
Mike McCabe 0075ca7a9c lowering rack version for dos 2013-11-14 12:32:53 -05:00
Mike McCabe 4801dc518a fixing two A5 typos 2013-11-14 11:26:31 -05:00
Mike McCabe 3ec9765ca3 small update to A7 2013-11-14 11:24:15 -05:00
cktricky f53ab56e92 fixes a bug introduced during the transition from info_disclosure to A6 2013-11-14 11:06:27 -05:00
cktricky b9e2723175 closes issue #30 2013-11-14 10:59:20 -05:00
cktricky edfe5b646e fixed category number and this closes issue #35 2013-11-14 10:52:04 -05:00
cktricky 419a051da9 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-14 10:47:44 -05:00
cktricky b84c8d4cc7 finished write-up for broken auth 2013-11-14 10:47:27 -05:00
Mike McCabe e116d8b096 finishing A7 2013-11-14 10:34:35 -05:00
cktricky 5fff355181 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-14 10:11:11 -05:00
cktricky 890717b7ea write-up complete for exposure 2013-11-14 10:10:58 -05:00
cktricky e764efe1d4 working on A6 tutorial write-up now that the code is working 2013-11-14 09:39:57 -05:00
Mike McCabe e826adadbc removing empty spec 2013-11-13 19:55:49 -05:00
cktricky 98678b0364 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-13 19:51:59 -05:00
cktricky b605a42812 got the code kicked off so we can encrypt SSN(s) in the database 2013-11-13 19:51:42 -05:00
Mike McCabe 235b6418d0 A7 adding before filter to see if admin or admin_id is 1 2013-11-13 19:35:12 -05:00
Mike McCabe 2629565f21 fixing a small typo :) 2013-11-13 19:34:04 -05:00
Mike McCabe aeabbcf8c6 A7 - switching the var used in the view so that non-admins can view the admin panel 2013-11-13 19:14:12 -05:00
cktricky 4be667b606 working 2013-11-13 19:02:37 -05:00
cktricky 447c408699 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-13 18:24:33 -05:00
cktricky efcb7b8c4b working on encryption 2013-11-13 18:24:26 -05:00
Mike McCabe af8776a3ea halfway done A7 2013-11-13 18:23:38 -05:00
Mike McCabe 91e6797b40 adding broken functionality for A7 2013-11-13 18:23:38 -05:00
cktricky d9956caec1 removed orig file 2013-11-13 14:18:25 -05:00
cktricky 665ccb2167 removed orig file and also began encryption related stuff for ssn(s) 2013-11-13 14:01:29 -05:00
cktricky 9cbdbf01e5 should fix conflicts 2013-11-13 12:19:33 -05:00
cktricky 8c672fd2fc fixed the route 2013-11-13 12:16:48 -05:00
Mike McCabe f0ca17df79 updating the information for A9 fixes #27 2013-11-13 11:47:29 -05:00
Mike McCabe 52f1ac3c78 bringing the rails and rack version down for A9 2013-11-13 11:46:42 -05:00
Mike McCabe e077ad6815 fixing escaping entities 2013-11-12 19:20:42 -05:00
Mike McCabe fe9d8b266f adding security misconfig text 2013-11-12 18:55:14 -05:00
cktricky 6950accce4 a6 exposure, working on the wording for SSNs being stored in the clear 2013-11-12 17:44:27 -05:00
cktricky 655b636c38 Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-12 16:12:49 -05:00
Mike McCabe 108c8d2e2a turning off whitelisting and entities encoding 2013-11-12 16:11:30 -05:00
Mike McCabe c06140659c updated description with owasp one 2013-11-12 16:10:38 -05:00
cktricky 3aaf38fb9c Merge branch 'top-10-2013' of github.com:OWASP/railsgoat into top-10-2013 2013-11-12 16:07:34 -05:00
cktricky 14bff998dd Merge branch 'master' of github.com:OWASP/railsgoat into top-10-2013 2013-11-12 16:07:23 -05:00
Michael McCabe 7833b85837 updating description with owasp 2013 description 2013-11-12 15:24:07 -05:00
Mike McCabe 4c6dc24200 removing empty tests 2013-11-12 15:07:21 -05:00
mccabe615 032581b3da Merge pull request #64 from jasnow/master 
Rebuilt Gemfile.lock file. Fixed test by using "$" instead of "@@"
 2013-11-12 12:06:47 -08:00
Mike McCabe f8fbc93c75 adding fix for phantomjs errors on mavericks *crossing fingers* 2013-11-12 14:21:32 -05:00
Michael McCabe cf1b5dc124 updating description with owasp 2013 description 2013-11-12 13:55:24 -05:00
Al Snow 46128211e1 Merge branch 'master' of https://github.com/OWASP/railsgoat 2013-11-08 08:28:50 -05:00
Ken Johnson 9f34e4fa37 Merge pull request #63 from GSMcNamara/master 
Minor typo fixes.
 2013-11-07 12:27:21 -08:00
GSMcNamara 09c0f07d8b Lowercased a letter. 2013-11-07 15:06:05 -05:00
GSMcNamara 7ddec28bcc Removed apostrophe 2013-11-07 15:02:31 -05:00