Commit Graph

1898 Commits

Author SHA1 Message Date
cktricky 4af22d952d fixed broken spec test 2014-04-18 09:25:07 -04:00
cktricky bc95b27edb Merge branch 'master' of github.com:OWASP/railsgoat into pr-109 2014-04-18 09:18:57 -04:00
Mike McCabe fceeb94b05 adding mysql env to bundler require 2014-04-17 23:08:55 -04:00
Mike McCabe c0ea2c87a5 adding mysql environment for mysql sql injection tests 2014-04-17 23:03:46 -04:00
cktricky 5441fea5a6 Merge branch 'master' of github.com:OWASP/railsgoat into pr-108 2014-04-17 22:51:19 -04:00
cktricky d2bd77a461 the latest sqli tutorial leveraging @forced_request modifications. We really need some more unit-tests for all this new functionality 2014-04-17 22:07:58 -04:00
cktricky 77fcf26abd working on a tutorial for the scope injection / sql injection 2014-04-17 20:51:16 -04:00
Mike McCabe 6975f94381 adding routes. catching nulls 2014-04-17 20:18:39 -04:00
cktricky c157496b1e fixed broken spec test by changing the reference to an incorrect location when downloading the database.yml file 2014-04-17 20:17:33 -04:00
John Poulin 4bff205e81 added in John's constantize change as well as some other stuff like CSS fun 2014-04-17 20:10:53 -04:00
John Poulin 5bb9c75f06 Added fix for Analytics SQLi 2014-04-17 20:05:07 -04:00
John Poulin 196b732b91 Fixed bug in analytics view 2014-04-17 20:04:32 -04:00
John Poulin 3f63480022 Added Analytics function to track user hits by ip address, referrer and user agent 2014-04-17 20:03:50 -04:00
John Poulin 5056f77395 Added codefix example for CSS context XSS. 2014-04-17 20:03:17 -04:00
John Poulin e760fc0087 merging 2014-04-17 20:03:14 -04:00
Mike McCabe 9fd91a8224 initial commit of mobile controller 2014-04-17 20:00:30 -04:00
Mike McCabe 833cdaeff9 adding .tags to gitignore 2014-04-17 20:00:18 -04:00
Mike McCabe 8bc20e8f91 fixing name in messages 2014-04-17 19:56:48 -04:00
cktricky 8e4e084dc9 Fixes #99. We have added the hogan method for escaping user input and added a tutorial 2014-04-17 12:51:02 -04:00
cktricky 8cb6ff36ac removed needless diff stuff 2014-04-17 11:37:02 -04:00
cktricky 366edc3b09 not sure if this is working 2014-04-17 11:33:18 -04:00
Al Snow 430cac2f64 Upgraded 2 gems by rebuilding Gemfile.lock file 2014-04-17 09:58:58 -04:00
cktricky c7cd7c4272 Fixes #100. Added some verbiage that makes it clearer that a user should click on the PDF(s) 2014-04-17 08:43:29 -04:00
cktricky d8badd0911 Merge branch 'pr-106' 2014-04-17 08:15:31 -04:00
cktricky d4c882a1c7 Fixes #107. Added some verbiage surrounding the SQL Injection tutorial 2014-04-17 08:09:02 -04:00
cktricky d275589f05 Merge branch 'master' of github.com:OWASP/railsgoat 2014-04-16 14:42:33 -04:00
cktricky 8febd39252 hopefully nothing changed 2014-04-16 14:40:30 -04:00
Al Snow 7f89ffc65a Rebuilt Gemfile.lock file and upgraded 3 gems 2014-04-08 19:57:10 -04:00
mccabe615 12a0e578f2 Merge pull request #62 from jasnow/2.0.0 Upgraded Project to Ruby 2.0.0 Branch. 2014-04-05 12:24:46 -04:00
Al Snow 7a03c52a03 Did git pull parent master in master, then merged that in 2014-04-04 08:00:17 -04:00
Al Snow 84a8ad5b39 Merged master into branch/clean it up/green test run 2014-04-03 21:00:58 -04:00
mccabe615 190fcb1a44 Merge pull request #105 from jasnow/master Rebuilt Gemfile.lock file. Upgraded 2 gems. 2014-03-31 14:48:54 -04:00
Al Snow 1aec17184d Rebuilt Gemfile.lock file. Upgraded 2 gems. 2014-03-31 09:02:58 -04:00
cktricky 59946e056c changed motorcross to motocross everywhere that it is used. Closes or resolves issue #104 2014-03-26 12:58:48 -04:00
cktricky c602441216 Merge branch 'pr-101' 2014-03-26 12:54:53 -04:00
Al Snow 77b6160be9 Added 'bundle exec' to cmd line 2014-03-26 10:27:11 -04:00
Al Snow 21b7de06f9 Rebuilt Gemfile.lock file (4 gems) 2014-03-26 09:53:02 -04:00
cktricky 70b44b36ad oops, Mike's password changed for some reason which conflicts with our tutorials and such 2014-03-25 11:57:11 -04:00
Al Snow cee5030047 Added rack-ssl (1.3.4) gem 2014-03-24 09:58:41 -04:00
Al Snow bdeef0508b Rebuilt Gemfile.lock file 2014-03-24 09:50:49 -04:00
Al Snow e53d5c928d Rebuilt Gemfile.lock file 2014-03-20 09:10:12 -04:00
cktricky 7a89ae6f17 added the tutorial for the newest logic flaw 2014-03-16 22:10:19 -04:00
cktricky 8140cb3a1b added the basic template of a tutorial guide for the newly added logic flaw, now I have to fill it out :-( (j/k) 2014-03-16 16:19:07 -04:00
cktricky d11617f272 while the pay page could use further refinement from a visual aspect, it is completely working and ready for a tutorial 2014-03-16 16:10:12 -04:00
cktricky 41a596aba0 added some necessary comments to the pay page 2014-03-16 15:37:47 -04:00
cktricky 87f9c825ba a function to decrypt has been added to the mix 2014-03-16 15:26:33 -04:00
cktricky 3a5818c493 the basics of a working remember-me-logic-flaw completed :-) 2014-03-15 22:30:31 -04:00
cktricky 1f922916d2 have the ability now to update a row of direct deposit information as well as leverage the encryption routine to introduce a serious flaw 2014-03-15 21:58:42 -04:00
cktricky 9951af6170 added row, now working on deletion of a column 2014-03-15 15:46:01 -04:00
cktricky 16eaefefdf view portion of adding a column almost complete, then backend logic 2014-03-15 15:29:45 -04:00