WebFuzzing
diff --git a/‎.gitignore‎
Lines changed: 5 additions & 0 deletions b/‎.gitignore‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 3 additions & 1 deletion b/‎README.md‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎auth/webgoat-auth.yaml‎
Lines changed: 14 additions & 0 deletions b/‎auth/webgoat-auth.yaml‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎dockerfiles/webgoat.dockerfile‎
Lines changed: 22 additions & 0 deletions b/‎dockerfiles/webgoat.dockerfile‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎dockerfiles/webgoat.yaml‎
Lines changed: 15 additions & 0 deletions b/‎dockerfiles/webgoat.yaml‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎jdk_21_maven/cs/pom.xml‎
Lines changed: 1 addition & 0 deletions b/‎jdk_21_maven/cs/pom.xml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎jdk_21_maven/cs/rest-gui/pom.xml‎
Lines changed: 20 additions & 0 deletions b/‎jdk_21_maven/cs/rest-gui/pom.xml‎
Lines changed: 20 additions & 0 deletions
@@ -355,3 +355,8 @@ jdk_8_maven/em/external/rest/spring-batch-rest/target
 /jdk_8_maven/cs/rest/original/spring-actuator-demo/target
 /jdk_8_maven/em/embedded/rest/spring-actuator-demo/target
 /jdk_8_maven/em/external/rest/spring-actuator-demo/target
+
+/jdk_21_maven/cs/rest-gui/webgoat/target
+/jdk_21_maven/cs/rest-gui/webgoat/tmp
+/jdk_21_maven/em/embedded/rest-gui/webgoat/target
+/jdk_21_maven/em/external/rest-gui/webgoat/target
@@ -70,7 +70,7 @@ For simplicity, all schemas are also available as JSON/YML files under the folde
 > **IMPORTANT**: More details (e.g., #LOCs and used databases) on these APIs can be found [in this table](statistics/table_emb.md).
 
 
-### REST: Java/Kotlin (30)
+### REST: Java/Kotlin (31)
 
 * **Bibliothek** (MIT), [jdk_17_gradle/cs/rest/bibliothek](jdk_17_gradle/cs/rest/bibliothek), from [https://github.com/PaperMC/bibliothek](https://github.com/PaperMC/bibliothek)
 
@@ -130,6 +130,8 @@ For simplicity, all schemas are also available as JSON/YML files under the folde
 
 * **User Management** (MIT), [jdk_8_maven/cs/rest/original/user-management](jdk_8_maven/cs/rest/original/user-management), from [https://github.com/andreagiassi/microservice-rbac-user-management](https://github.com/andreagiassi/microservice-rbac-user-management)
 
+* **WebGoat** (GPL), [jdk_21_maven/cs/rest-gui/webgoat](jdk_21_maven/cs/rest-gui/webgoat), from [https://github.com/WebGoat/WebGoat](https://github.com/WebGoat/WebGoat)
+
 * **YouTubeMock** (not-known license), [jdk_8_maven/cs/rest/original/youtube-mock](jdk_8_maven/cs/rest/original/youtube-mock), from [https://github.com/opensourcingapis/YouTubeMock](https://github.com/opensourcingapis/YouTubeMock)
 
 
 
@@ -0,0 +1,14 @@
+auth:
+  - name: user1
+    loginEndpointAuth:
+      payloadRaw: "username=testuser&password=testuser"
+  - name: user2
+    loginEndpointAuth:
+      payloadRaw: "username=testuser2&password=testuser"
+
+authTemplate:
+    loginEndpointAuth:
+        endpoint: /WebGoat/login
+        verb: POST
+        contentType: application/x-www-form-urlencoded
+        expectCookies: true
@@ -0,0 +1,22 @@
+FROM amazoncorretto:21-alpine-jdk
+
+COPY ./dist/webgoat-sut.jar .
+COPY ./dist/jacocoagent.jar .
+
+
+
+
+COPY ./scripts/dockerize/data/additional_files/webgoat/test.mv.db .
+
+
+
+#ENV TOOL="undefined"
+#ENV RUN="0"
+
+ENTRYPOINT \
+    java \
+#    unfortunately dumponexit is completely unreliable in Docker :(
+#    -javaagent:jacocoagent.jar=destfile=./jacoco/webgoat__${TOOL}__${RUN}__jacoco.exec,append=false,dumponexit=true \
+    -javaagent:jacocoagent.jar=output=tcpserver,address=*,port=6300,append=false,dumponexit=false \
+    -Drunning.in.docker=true -jar webgoat-sut.jar \
+    --webgoat.port=8080 --webwolf.port=8081 --server.address="0.0.0.0" --spring.profiles.active=dev --spring.datasource.driver-class-name=org.h2.Driver --spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.H2Dialect --spring.jpa.properties.jakarta.persistence.schema-generation.scripts.action=none --spring.sql.init.mode=never --spring.datasource.url="jdbc:h2:file:./test" --spring.datasource.username=sa --spring.datasource.password
@@ -0,0 +1,15 @@
+services:
+  sut-webgoat:
+    build:
+      dockerfile: ./dockerfiles/webgoat.dockerfile
+      context: ..
+#    environment:
+#      TOOL: ${TOOL:-undefined}
+#      RUN: ${RUN:-0}
+    ports:
+      - "${HOST_PORT:-8080}:8080"
+      - "${JACOCO_PORT:-6300}:6300"
+#    volumes:
+      # default env does not work on volumes
+#      - ${JACOCODIR}:/jacoco
+
@@ -13,6 +13,7 @@
 
     <modules>
         <module>rest</module>
+        <module>rest-gui</module>
     </modules>
 
 
 
@@ -0,0 +1,20 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.evomaster</groupId>
+        <artifactId>evomaster-benchmark-jdk21-cs</artifactId>
+        <version>3.4.1-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>evomaster-benchmark-jdk21-cs-rest-gui</artifactId>
+    <packaging>pom</packaging>
+
+
+    <modules>
+        <module>webgoat</module>
+    </modules>
+
+
+</project>