team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
261 Commits 1 Branch 0 Tags
813711d79e01a3ab92de6b072219f81fe286eaa7
Commit Graph

51 Commits

Author SHA1 Message Date
GSMcNamara 813711d79e Grammar fix. 2013-11-07 14:56:18 -05:00
cktricky 65eb2caeaf made a suggestion based on digininjas comment on Rails tutorials blog post. Better to change method name to hash_password than encrypt_password 2013-08-08 16:57:58 -04:00
cktricky f67bd0f5ed correct naming within the command injection tutorial 2013-07-28 19:44:51 -04:00
Ken Johnson 14c1fb367d added a tutorial for command injection 2013-07-10 20:42:04 -04:00
Ken Johnson 82b5809bee almost finished with the write-up for the command injection vulnerability 2013-07-10 11:41:36 -04:00
Ken Johnson 1a79471ef8 trying to fix a bug where you have to click twice on the tutorial credentials button 2013-06-20 11:28:29 -04:00
Ken Johnson 7b900bda2d fixes issue #24 2013-06-10 16:25:14 -04:00
Ken Johnson 5ea8006fc1 closes issue #22 2013-06-07 09:05:11 -04:00
Ken Johnson 39d2e9d79f finished CSRF/AJAX, closes issue #21 2013-06-06 22:40:52 -04:00
Ken Johnson d445e59a98 this fixes issue #20, seriously, no clue how I missed the missing constantize code 2013-06-06 16:43:58 -04:00
Ken Johnson bdf3f20955 added a license 2013-06-04 14:17:12 -04:00
Ken Johnson b76283910c holding off on the last issue until i confirm whether or not oreoshake can cover secure headers here 2013-06-04 14:06:10 -04:00
Ken Johnson bb2985018d closes issue #7 2013-06-04 13:59:41 -04:00
Ken Johnson 089e9540ac finished admin filter and write-up for issue #6 2013-06-04 11:49:59 -04:00
Ken Johnson b0ace5ebef added write-up for issue #8 2013-06-04 11:24:39 -04:00
Ken Johnson ef2b2e8e11 okay, finally got a working redirect vuln 2013-06-04 11:00:01 -04:00
Ken Johnson e1dfb8309c finished the write-up for crytpo vuln, close issue #5 2013-06-03 18:08:21 -04:00
Ken Johnson 6d5623a423 changed SQLi vuln location, did write-up, closes issue #1 2013-06-03 12:31:34 -04:00
Ken Johnson 2ac771ca50 Issue #3 can be closed, write-up and vuln complete for A4 2013-06-03 01:54:07 -04:00
Ken Johnson 912c34a26e finished the writeup for password complexity 2013-06-03 01:11:51 -04:00
Ken Johnson 88ea613da6 okay, write-up finished 2013-06-02 23:32:37 -04:00
Ken Johnson caecb88e30 prepping for constantize 2013-06-02 20:35:01 -04:00
Ken Johnson 570eafa01b this closes issue #9 2013-06-02 20:19:31 -04:00
Ken Johnson 4e445375fa created the info disclosure write-up. Close issue #16 2013-06-02 12:39:04 -04:00
Ken Johnson 0d841124f5 assigned a user id, does not "appear" to have screwed anything up 2013-05-24 15:25:06 -04:00
Ken Johnson 31ce6ab1b5 test 2013-05-24 13:19:44 -04:00
Ken Johnson 18740a7226 working on the dashboard, added some pie charts 2013-05-24 00:03:07 -04:00
Ken Johnson 4579d6e916 finished the first XSS example 2013-05-23 20:29:03 -04:00
Ken Johnson dbbb2ce651 finished the first instance of broken auth and sess mgmt 2013-05-23 20:06:24 -04:00
Ken Johnson c71ef0ccfd fixed some broken elements and added content to broken auth 2013-05-23 17:59:59 -04:00
Ken Johnson 9e92619294 refactored remaining tutorials 2013-05-23 17:12:39 -04:00
Ken Johnson 65dc8369e9 refactored url access and misconfig 2013-05-23 17:08:35 -04:00
Ken Johnson 958de07b4a refactored insecure dor 2013-05-23 17:01:43 -04:00
Ken Johnson 4b8b2243c3 refactored xss 2013-05-23 16:59:36 -04:00
Ken Johnson b280d84955 refactored injection 2013-05-23 16:57:18 -04:00
Ken Johnson 51aa8701f2 refactoring tutorial instances into partials for extensibility 2013-05-23 16:55:27 -04:00
Ken Johnson c72178a665 changed formatting of a paragraph element with a class of desc 2013-05-23 16:42:49 -04:00
Ken Johnson f674a57440 awesome. now we show code snippets in a much better way. Peeps who add to the tutorials will need to enclose code w/ <pre class="ruby></pre> 2013-05-23 15:18:39 -04:00
Ken Johnson a877e93780 abstracted out tutorial as I start writing these up, otherwise the html is going to get incredibly cluttered 2013-05-22 13:26:00 -04:00
Ken Johnson 38e76161c5 made the change systemic 2013-05-09 13:56:50 -04:00
Ken Johnson f11f4895d6 fixed the sidebars 2013-05-09 13:55:38 -04:00
Ken Johnson d01e508bc3 added email validation and tthen saved any params they were entering during signup in an @user object 2013-04-28 02:49:02 -04:00
Ken Johnson 9c37eb99a1 lost track of what I was doing so I cant tell you what Ive done, heh 2013-04-25 15:23:07 -04:00
Ken Johnson db19e5d990 went ahead and filled in XSS 2013-04-25 13:40:50 -04:00
Ken Johnson 726526eabf added a sidebar element, an index to let ppl know how to get started, and some logic to get users to the tutorials and back into the app regardless of auth or not 2013-04-25 02:11:11 -04:00
Ken Johnson fda47b3643 changed a bunch of stuff 2013-04-25 01:54:10 -04:00
Ken Johnson c75c0b20b3 made pages for all of the tutorials 2013-04-25 01:06:42 -04:00
Ken Johnson 47ce08bb20 working login, signup, and logout 2013-04-25 00:19:00 -04:00
Ken Johnson 84eec1e24b added a correct registration page 2013-04-24 21:17:02 -04:00
Ken Johnson c003bd8a9a added a tutorial controller to handle all deez toots 2013-04-24 19:20:51 -04:00