[WEB SECURITY] WSDL Pentest Tools

Corey LeBleu coreylebleu at gmail.com
Tue Jan 28 09:37:58 EST 2014


You could also intercept SoapUI requests with Burp or use the WSDLer
extension for Burp...

http://www.burpextensions.com/extensions/type/serialization/wsdler/

Or if you want to code your own tool in Python, this presentation should
help:

http://www.gdssecurity.com/l/constricting_the_web_final.pdf


On Jan 28, 2014 1:01 AM, "Thomas Methlie" <mrtompa at gmail.com> wrote:
>
> You should try SoapUI. There's a free and paid version. You get pretty
much the same functionality, but the paid version is a bit easier to use
and more automation.
>
> /thomas
>
> 27. jan. 2014 23:53 skrev "Kayhan KAYIHAN" <kayhan at kayhankayihan.com>
følgende:
>
>> Hello everyone,
>>
>> I need to web service pentest tools.
>> Your recommended tools send to me?
>>
>> Regards.
>>
>> _______________________________________________
>> The Web Security Mailing List
>>
>> WebSecurity RSS Feed
>> http://www.webappsec.org/rss/websecurity.rss
>>
>> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>>
>> WASC on Twitter
>> http://twitter.com/wascupdates
>>
>> websecurity at lists.webappsec.org
>>
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
>
> _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
>
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20140128/c5a25b9c/attachment-0003.html>


More information about the websecurity mailing list