[WEB SECURITY] FW: Web Service pentesting

Menerick, John jmenerick at netsuite.com
Mon Nov 28 11:23:52 EST 2011

For Burp's pricing model, it is a great investment.    Otherwise, the greatest tool is your creativity in breaking underlying assumptions.


John Menerick

-----Original Message-----
From: websecurity-bounces at lists.webappsec.org [mailto:websecurity-bounces at lists.webappsec.org] On Behalf Of Pavol Luptak
Sent: Friday, November 11, 2011 3:47 PM
To: websecurity at lists.webappsec.org
Cc: marek.palko at lynx.sk
Subject: Re: [WEB SECURITY] FW: Web Service pentesting

On Fri, Nov 11, 2011 at 05:37:55PM +0000, MaXe wrote:
> I stumbled over this the other day:
> http://www.securityaegis.com/web-application-testing-resources/
> There is also a lot of tools mentioned on this page, including the most used generally. There's currently no better resource in my humble opinion, that I can recommend at the moment.

See https://www.owasp.org/index.php/Phoenix/Tools

We use SOAP UI and Burp. I am not sure if there is something better.

[Pavol Luptak, Nethemba s.r.o.] [http://www.nethemba.com] [tel: +421905400542]

NOTICE: This email and any attachments may contain confidential and proprietary information of NetSuite Inc. and is for the sole use of the intended recipient for the stated purpose.  Any improper use or distribution is prohibited.  If you are not the intended recipient, please notify the sender; do not review, copy or distribute; and promptly delete or destroy all transmitted information.  Please note that all communications and information transmitted through this email system may be monitored by NetSuite or its agents and that all incoming email is automatically scanned by a third party spam and filtering service.

More information about the websecurity mailing list