Pentest Framework for Webservices?

StackOverflow https://stackoverflow.com/questions/7445351

質問

Is there a pentest framework, especially sql injections, for (java, axis) webservices? Like a SoapUI for pentester or something like that?

役に立ちましたか?

解決

No, But I Have A List For Testing And Pentesting Webservices : Tools :

  • SOA CLEANER
  • WcfStorm-Lite
  • Wsdigger
  • WsScanner

I Am Use Soa Cleaner And SoapUi For Web Service Pentesing

他のヒント

I think, the best method to pentest a webservice is :

  1. Find all apps that can connect to webservice
  2. Install apps and sniff every packet
  3. See authentication methods or check inputs in xml packet
  4. Read carefully WSDL,

By the way The SoapUi is A good tool

ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top