[WEB SECURITY] Vulnerability Scanner for Web Services

Monica Verma mon.ver85 at gmail.com
Mon Feb 1 06:37:22 EST 2010

Hi all,

I was reading a White Paper by Blackhat (EU 2007) on various threats and
vulnerabilities in web services that are somewhat similar to in web
applications. It talked about WSDL Enumeration, XML Injection, XQuery
Injection, etc. that are also mentioned in the WASC Threat Classification

So if I understand correctly, vulnerability and threat analysis for web
services takes a similar approach to that of web applications? I also read
that, say Acunetix for e.g., scans not only for vulnerabilities in Web Apps
for Windows/Unix/Linux but also "Apache Web Services" and in all "Web Server
services". I found this statement little confusing. So from what I know "Web
Server Services" refers to services being hosted by the Web Server (say some
website) and and are fundamentally different from Web Services (the
WSDL-SOAP approach). Is that right? If yes, now can one say that a Web
Vulnerability Scanner not only can look for vulnerabilities in web apps but
also web services thereby revealing not only possibilities to a SQL
Injection but also to DTD Entity Reference attack for example?

Secondly, what would be the major implementation, performance and
effectiveness differences between a Web Vulnerability Scanner and providing
it as a Saas. if any? Is that only limited to the general issues for any
Saas in cloud and cloud-implementation or are there any concerns specific to
web vulnerability scanning being provided as a SaaS?

My apologies in advance in case I am asking something naive/obvious.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20100201/000d4a03/attachment.html>

More information about the websecurity mailing list