WS-Attacker - Modular Framework for Web Services Penetration Testing


WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks.

Features:

  • Automatic XML Encryption Attacks against Web Services
  • Automatic XML Signature Wrapping attack against Web Services
  • XML-Denial-of-Service Techniques against Web Services
  • SOAPAction Spoofing and WS-Addressing Spoofing
  • Further Attacks in Development (even apart from Web Services)

Screenshots:

Load a WSDL and set up request parameters

Configuration: SOAPAction Spoofing

Attack finished

Submitting a test request

Attack finished

Configuration: WS Addressing Spoofing




Source: www.effecthacking.com
WS-Attacker - Modular Framework for Web Services Penetration Testing WS-Attacker - Modular Framework for Web Services Penetration Testing Reviewed by Anonymous on 11:32 PM Rating: 5