Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: web service fuzzers
From: "Benny Tsai" <benny.tsai () gmail com>
Date: Mon, 10 Sep 2007 11:31:20 -0400

Thanks for the great info, everyone :)  Unfortunately, it's all become
rather moot.  For business reasons, the project has been suspended
indefinitely.

But thank you for all the awesome info :)

-Benny

On 9/7/07, Atrysk News <news () atrysk com> wrote:
You might also check out the following (not necessarily fuzzers, but
absolutely in the ws space...)

        - wspawn
        - wsknight
        - wsrook
        - wsaudit

T

http://www.atrysk.com/











On Sep 7, 2007, at 5:21 AM, Jan Münther wrote:


fuzzing capability yet.  Any suggestions?


Mmhm, seen WSBang?
http://www.isecpartners.com/wsbang.html

Python's WSDL parsing / proxy class generation is somewhat b0rked, which
is one of the reasons I've started writing a webservice fuzzer in C#
which instantiates the proxy classes and uses reflection to find out
which arguments there are and how to fuzz them. It basically works, but
it's so cruddy and idiosyncratic I don't think it'll ever see anyone
else's harddisk. Just a suggestion on a concept in case you think of
rolling your own.

Cheers,

j.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]