SimpleAdder

This course module is a simple application that can be used to test out the APOGEE system. It simulates a real-life web application assignment that a student would have to submit. There are two specifications that are available to download. One for ASP.NET and one for JSP. Both applications, when written to spec, work with the APOGEE system. Please use the Load Test Pack utility in the project design tool for loading the test cases.

ASP.NET Specification         Test Pack
JSP/Servlet Specification         Test Pack

FreeLancePoster

This course module is a simple database application allows users to insert, delete, and view posts of an electronic broadcasting board. You will learn the use of ASP datagrid, SQL query, and various data validation techniques in this project. You have to fix a number of security vulnerabilities in the sample project provided to you.

ASP.NET Specification (docx)         Partially Implemented Project to Start With (zip)         Test Pack

Travel Agency

Contributed by Mr. Brian Campell (GSW) and Dr. Boris Peltsverger (GSW)

It is a pure JavaScript based project that computes airfare based on the information provided by a user. The project helps students to practice building robust applications via user input validation. The APOGEE grading pack includes a variety of test cases that verifies if a thorough user input validation is performed. This project is used several times in entry level computing classes for non-CS majors.

Check vlab.gsw.edu for details

Custom Report Generator

Contributed by by Mr. Mike Bantegui (Hofstra) and Dr. Xiang Fu (Hofstra).

Students are provided with a backend database, which contains information for generating reports for a school system. It is required that the report should be customizable, i.e., a user can specify the information and proper format layout of the report. In this project, students practice the use of very sophisticated SQL query for manipulating a database, and various techniques for dynamically generating web pages at the server side. The APOGEE grading pack consists of a collection of test cases that validate the required functions.

ASP.NET Specification (doc)         Partially Implemented Project to Start With (zip)         Test Pack

Postage Calculator

Contributed by Mr. Mike Bantegui (Hofstra) and Dr. Xiang Fu (Hofstra).

This is a project based on JavaScript and does not need server set up. Students are given an HTML file and a JavaScript file. They are required to complete the JavaScript functions to perform calculation of postage based on the weight of the package to send and other pertinent information. The APOGEE grading pack enforces that proper user input validation is performed on zipcode and phone numbers. Students have to apply the knowledge of regular expression to meet the requirements.

ASP.NET Specification (doc)         Partially Implemented Project to Start With (zip)         Test Pack

Shipping Cart

Contributed by Mr. Mike Bantegui (Hofstra) and Dr. Xiang Fu (Hofstra).

This is another server-side programming project that relies on back-end databases. Students are asked to write a web application in ASP.NET that allows the user to add items to a shopping cart, view and modify the shopping cart, and submit an order. A partial implementation with the GUI interface is provided. The APOGEE grading pack checks the existence of required controls, performs testing of the required functions, and evaluates the security of the project by including a number of command injection attacks.

ASP.NET Specification (doc)         Partially Implemented Project to Start With (zip)         Test Pack

WebMail

Contributed by Mr. Mike Bantegui (Hofstra) and Dr. Xiang Fu (Hofstra).

The project is to develop an ASP.NET web application that provides a simple web email service for the user. This service includes a sortable display of all received messages, and read reply links for each message. The APOGEE grading pack includes a collection of test cases that verify the required functions (such as log-in page, email listing and composition). It also includes a number of attacks that assess the robustness of the system, for example, to inspect the behaviors of the system when required information in the data schema of the backend database is missing.

ASP.NET Specification (doc)         Partially Implemented Project to Start With (zip)         Test Pack

SCARF Cracking Contest

Contributed by Dr. Xiang Fu (Hofstra).

SCARF is an open-source conference management system (implemented using PHP) available on SourceForge.net. Students are given the full source code of SCARF. They are required to deploy it on a USB-stick Linux operating systems with Apache. Each student is given an account on a specified APOGEE server. He/she has to create test cases that expose the vulnerability of the SCARF system. Students in a class can be divided into groups to challenge each other with security related test cases.

Lab Specification (doc)