Web service security
- From: "Atul Wankhade" <atul_wankhade@xxxxxxxxxxx>
- Date: Tue, 20 Jun 2006 00:44:45 +0530
Hi All,
Firstly, sorry if I have posted this to wrong alias. Please point me if you know the right alias. I want to perfrom a security testing for the webservices. I am a novice in this field. I would highly appreciated if you could help me and share pointers in this regard. Also, I searched for couple of tools on the net and here are my findings. Has anybody used any of the following? It would be helpful if you suggest me on the same.
Thanks in advance ...
Atul Wankhade
WSFuzzer
- Attacks a web service based on valid WSDL, a valid endpoint & namespace, or it can try to intelligently detect WSDL for a given target.
- http://www.neurofuzz.com/modules/software/wsfuzzer.php
wsChess
- Web Services Assessment and Defense Toolkit
- http://net-square.com/wschess/index.shtml
WSDigger
- a free open source tool to automate black-box web services security testing (also known as penetration testing).
- http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/wsdigger.htm
WSBang
- Python-based tool used to perform automated security testing of SOAP based web services.
- http://www.isecpartners.com/tools.html
SOAPSonar
- Allows Web Services Vulnerability Assessment.
- http://www.codeproject.com/showcase/Crosschecks1.asp
- Follow-Ups:
- Re: Web service security
- From: Vinod Gadgoli
- Re: Web service security
- From: Michal Merta
- Re: Web service security
- References:
- SF new article announcement: Standards in desktop firewall policies
- From: Kelly Martin
- SF new article announcement: Standards in desktop firewall policies
- Prev by Date: Re: Securing an encryption key within software.
- Next by Date: Re: user internet usage monitoring
- Previous by thread: SF new article announcement: Standards in desktop firewall policies
- Next by thread: Re: Web service security
- Index(es):
