Activity for David Rhoades
-
David Rhoades created ticket #93
add API target - websheep
-
add API target
-
Add screenkey tool
-
Video wishlist
-
Here is an example of a bookmark that would point to a list of known test sites: http://www.vulnweb.com/ - this is from Acunetix (scanner vendor) These kind of meta links are ideal since in theory the vendor will add new test sites and link to them from here.
-
investigate potential impact of remote web resources in targets
-
Add OWASP DevSlop
-
OWASP Mutillidae II is missing php-curl
-
ZAP does not update properly with apt-get upgrade
-
I've re-opened this ticket. This is a critical bug. User gets Dojo and ZAP is fine out of the box, then ZAP Update and suddenly Quick Start fails. That is not acceptable behavior. We need to find a solution. I really want Quick Start in ZAP to work. Maybe if we just install ZAP v2.8.1 it will be solved.
-
Why can't we install ZAP from official repos? https://software.opensuse.org/download.html?project=home%3Acabelo&package=owasp-zap
-
ZAP does not update properly with apt-get upgrade
-
keep php.ini insecure
-
add tmux
-
ZAP ports and MM3
-
ZAP HUD attacking POST requests from History
-
add Insecure Web App creds to menu and home page
-
GenericName missing from all menu items - especially Tools
-
311b66a..19f07c2
-
add GenericName to tools, docs, and targets
-
GenericName missing from all menu items - especially Tools
-
GenericName missing from all menu items - especially Tools
-
missing evince - GNOME document viewer
-
Add bookmark to list of online targets
-
Burp Suite listing under Tools
-
auto-login
-
Vm settings for 33.4 beta
-
update OWASP ZAP to v2.8.x
-
update Burp Suite Community to v2.1
-
It may even have API interface now: http://demo.testfire.net/swagger/properties.json Which will allow API testing labs (e.g. using Burp API extension)
-
Target - Altoro Mutual
-
Thanks. Figured this out the other day. We should not even link to it from Dojo. It does not even have a “About Us” page that labels it as a target site (unlike demo.testfire.net for example). We can close this ticket. On Feb 28, 2019, at 4:09 PM, Steve Pinkham spinkham@users.sourceforge.net wrote: That seems to be part of a paid course by getmimo.com, not sure randos have permission to attempt to hack it. [feature-requests:#81] Installed target - coindex Status: open Group: next Created: Wed Feb...
-
I saw a write up but lost it. Also there is one post online still documenting how to bypass forgot password feature On Monday, Feb 25, 2019 at 3:03 PM, gi0cann <gi0cann@users.sourceforge.net (mailto:gi0cann@users.sourceforge.net)=""> wrote:</gi0cann@users.sourceforge.net> How do you know that this is an intentionally flawed site? [feature-requests:#81] (https://sourceforge.net/p/websecuritydojo/feature-requests/81/) Installed target - coindex Status: open Group: next Created: Wed Feb 20, 2019 08:44...
-
Installed target - coindex
-
Online target to consider - http://webscantest.com/
-
removing old code for Paros; uninstalling dirbuster and webscarab
-
removed old code for Paros (not installed); uninstalled Dirbuster (will replace later with Gobuster); uninstalled WebScarab
-
removed obsolete toosl: webscarab and dirbuster
-
fixing merge conflict
-
Merge branch 'master' of ssh://git.code.sf.net/p/websecuritydojo/code
-
I see - this is removing old packages that are no longer in WSD; not just removing tool from next release
-
remove Dirbuster
-
remove old packages from tool dir in build
-
Redundant with feature request. I guess this was to illustrate that keeping the files might cause an error (assuming we proceed with parsing all .desktop files in rep to generate the menu...maybe we should not do that since it might add obsolete tools to menu)
-
remove WebScarab
-
tool - Nikto
-
target - Hackxor
-
target - XVNA
-
John the Ripper
-
Remove proxy settings from Firefox et al
-
add foxy proxy
-
Done; also configured for all the proxy tools
-
Duck Duck Go
-
Done; ready for v3.4 or whatever we call it
-
remove WebScarab
-
remove Dirbuster
-
remove old packages from tool dir in build
-
refile zenmap in menu under Tools
-
changed default search for firefox; added & configured foxyproxy
-
cleanup of some wording
-
enhance system menu
-
xdg-desktop-menu install --novendor ~/dojobuild/menu/tools.directory grep -l =tools -r ~/dojobuild/ --include *.desktop xdg-desktop-menu install --novendor dojobuild/menu/targets.directory grep -l =targets -r dojobuild/ --include *.desktop xdg-desktop-menu install --novendor dojobuild/menu/docs.directory grep -l =docs -r dojobuild/ --include *.desktop
-
tl;dr - use xdg-desktop-menu install to build the menu system.
-
consider using ~/Downloads during builds
-
rename Burpsuite Free
-
missing record of changes for v3.3
-
Really located in ~/Documents/
-
menulibre causes items to disappear after any save
-
Add OWASP Top Ten 2017 (remove 2010)
-
Missing Juice Shop PDF
-
add foxy proxy
-
MM3 ProxySwitcher needs replacement?
-
Still works fine using latest official version. Also, we will add foxy proxy to co-exist with MM3
-
updating dev instructions
-
updating dev instructions
-
Simple instructions update
-
updating instructions
-
added local VS Code dir to ignored files
-
Fix Menu to point to universal Burpsuite
-
add default creds to tool menu for Arachni web gui
-
Duck Duck Go
-
Make default credentials more obvious
-
John the Ripper
-
Better remote access
-
add link to YEGH in browser bookmarks
-
BeEF default password on initial launch
-
link to SF feature request and bug reports
-
update VB Guest Additions to latest
-
Pimp dojo in SF
-
Unintended Firefox updates
-
Insecure web app admin login broken
-
Missing browser bookmark for new target (Juice Shop)
-
Gruyere missing resetbutton feature
-
Gruyere launches to 127.0.0.1 instead of localhost
1 >
