This is a re-implementation of WebGoat project for .NET taking inspiration from https://github.com/tobyash86/WebGoat.NET.git.
This web application is a learning platform that attempts to teach about common web security flaws. It contains generic security flaws that apply to most web applications. It also contains lessons that specifically pertain to the .NET framework. The exercises in this app are intended to teach about web security attacks and how developers can overcome them.
THIS WEB APPLICATION CONTAINS NUMEROUS SECURITY VULNERABILITIES WHICH WILL RENDER YOUR COMPUTER VERY INSECURE WHILE RUNNING! IT IS HIGHLY RECOMMENDED TO COMPLETELY DISCONNECT YOUR COMPUTER FROM ALL NETWORKS WHILE RUNNING!
- Google Chrome performs filtering for reflected XSS attacks. These attacks
will not work unless chrome is run with the argument
--disable-xss-auditor
.
- .NET 7 SDK
This application has a GitHub Codespace configuration that will allow you to run a Codespace and debug the application if you are demoing in GitHub.