RE: Tools to test web services
From: Rosado, Rafael (Rafael) (rarosado_at_lucent.com)
Date: 04/24/04
- Previous message: pak: "Re: Tools to test web services"
- Maybe in reply to: pak: "Tools to test web services"
- Next in thread: pak: "Re: Tools to test web services"
- Reply: pak: "Re: Tools to test web services"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: pak <pak_ml@btopenworld.com> Date: Sat, 24 Apr 2004 11:13:36 -0600
PAK,
There is a tool called FXCop which you might consider -
http://www.gotdotnet.com/team/fxcop/
"FxCop is a code analysis tool that checks .NET managed code assemblies for
conformance to the Microsoft .NET Framework Design Guidelines. It uses
reflection, MSIL parsing, and callgraph analysis to inspect assemblies for
more than 200 defects in the following areas:
Library design
Localization
Naming conventions
Performance
Security
FxCop includes both GUI and command line versions of the tool, as well as an
SDK to create custom rules."
Good Luck!
Rafael Rosado, CISSP, CISA
Lucent IT Infrastructure Security
Voice: 954-885-2176
Fax: 954-885-3861
Email: rarosado@lucent.com
This e-mail message and any attachment(s) to it are intended only for the
use of the addressee(s). The information in this e-mail message is
confidential and proprietary and may be subject to legal privilege. The
reading or dissemination of this email by anyone other than the intended
recipient is strictly prohibited. If you believe you have received this
e-mail in error, please notify the sender immediately and permanently delete
this e-mail, any attachments and all copies thereof from any drives or
storage media and destroy any printouts.
-----Original Message-----
From: pak [mailto:pak_ml@btopenworld.com]
Sent: Saturday, April 24, 2004 5:15 AM
To: pen-test@securityfocus.com
Subject: Tools to test web services
Hi,
I was asked to do penetration testing of web services built on .NET
Framework; therefore I'm looking for the tool that could test web services
and adequately supports standards such as WS-Security, SAML, XML-Encryption,
XML-Signature. So far the only thing I could do is to write such tool on my
own, but maybe there are tools out there (commercial and/or non-commercial),
I'm not aware of, that can help me. Any help/suggestions/tools/papers what
and how to test are more than welcome.
Cheers,
Pak76
----------------------------------------------------------------------------
-- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
- Previous message: pak: "Re: Tools to test web services"
- Maybe in reply to: pak: "Tools to test web services"
- Next in thread: pak: "Re: Tools to test web services"
- Reply: pak: "Re: Tools to test web services"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
