Anyone use WS-Attacker?
2015-07-21 at 4:48 PM UTCIt's a framework for XML-based SOAP Web Services penetration testing. It scans for vulnerabilities and has the option to run exploits automatically if so desired it comes for Linux, Mac and windows. Currently it supports these attacks:
- SOAPAction Spoofing
- WS-Addressing Spoofing
- Various XML Denial of Service variants
- XML Signature Wrapping
Anyone use a tool like this and found it useful? Here's a download link if you're interested in the framework.
2015-07-21 at 7:53 PM UTCPretty cool program. Nothing wrong with strengthening your web security.
2015-07-21 at 11:03 PM UTC
Pretty cool program. Nothing wrong with strengthening your web security.
Not sure if it's open source but there are several institutions developing the program.