Proposition for fixing broken/improving links (WebGoat#686)

* As stated on enzoic.com: "PasswordPing is now Enzoic!" * Add references to other OWASP resources
qpioneer · Oct 16, 2019 · 9fdbbf6 · 9fdbbf6
1 parent 1f00d46
commit 9fdbbf6
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/webgoat-lessons/idor/src/main/resources/lessonPlans/en/IDOR_intro.adoc b/webgoat-lessons/idor/src/main/resources/lessonPlans/en/IDOR_intro.adoc
@@ -34,5 +34,7 @@ This of course can be checked or expanded beyond GET methods to view data, but t
 Before we go on to practice, here's some good reading on Insecure Direct Object References:
 
 * https://www.owasp.org/index.php/Testing_for_Insecure_Direct_Object_References_(OTG-AUTHZ-004)
+* https://www.owasp.org/index.php/Top_10-2017_A5-Broken_Access_Control
+* https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet.html
 * https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
 * http://cwe.mitre.org/data/definitions/639.html
diff --git a/...ssons/secure-passwords/src/main/resources/lessonPlans/en/SecurePasswords_1.adoc b/...ssons/secure-passwords/src/main/resources/lessonPlans/en/SecurePasswords_1.adoc
@@ -7,4 +7,4 @@ NIST develops Federal Information Processing Standards (FIPS) which the Secretar
 NIST also provides guidance documents and recommendations through its Special Publications (SP) 800-series.
 These guidelines often become the foundation for best practice recommendations across the security industry and are incorporated into other standards.
 
-(Description from https://www.passwordping.com/surprising-new-password-guidelines-nist/)
+(Description from https://www.enzoic.com/surprising-password-guidelines-nist/)