[WEB SECURITY] FW: Web Service pentesting

psiinon psiinon at gmail.com
Fri Nov 11 13:27:57 EST 2011


Hi Palko,

For web services you should look at SOAP UI:
http://www.soapui.org/Security/getting-started.html

Psiinon

On Fri, Nov 11, 2011 at 10:41 AM, Palko Marek <marek.palko at lynx.sk> wrote:

> Firstly, I apologize, if this post isn’t at the right place.
>
>
>
> We are looking for tool wich we can use to vulnerability test of web
> service.
>
>
>
> Best tool which I’ve found is WSFuzzer (OWASP).
>
>
>
> Other:
>
> -        wsScanner (Blueinfy) - support  dotNET only (ASMX scheme)
>
> -        wsChess - same as wsScanner
>
> -        wsDigger (Foundstone) - looks fine, but support only few checks
> and is not under development since 2005
>
>
>
> Have you any suggestion of other tools for this purposes ?
>
> Also some guides/docs for doing pentest on web services will be helpful.
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20111111/f8ede22d/attachment-0003.html>


More information about the websecurity mailing list