This course will become read-only in the near future. Tell us at if that is a problem.

Parameter Tampering


In WebGoat read the lessons under “Parameter Tampering"



Work the exercises of "Parameter Tampering.

The exercises to improve WebGoat are not mandatory (try them if you have experience with Java).  

In order to prevent the effects of Parameter Tampering validate the data in the server side and not only in client side.



Briefly discuss your experience this week. Some ideas follow but you don’t have to answer all the questions. Did you learn something interesting? Was there something confusing in the lesson that you had to look up? If so, what was it? Was it too much or too little work? Anything to add to it to make it better for the next round of students? Anything else you’d like to discuss about this week’s lesson?

A discussion works best when there are at least two people involved so I encourage you to comment on other people’s posts!

Task Discussion