|
Penetration Testing
mailing list archives
Re: web service fuzzers
From: "Benny Tsai" <benny.tsai () gmail com>
Date: Mon, 10 Sep 2007 11:31:20 -0400
Thanks for the great info, everyone :) Unfortunately, it's all become
rather moot. For business reasons, the project has been suspended
indefinitely.
But thank you for all the awesome info :)
-Benny
On 9/7/07, Atrysk News <news () atrysk com> wrote:
You might also check out the following (not necessarily fuzzers, but
absolutely in the ws space...)
- wspawn
- wsknight
- wsrook
- wsaudit
T
http://www.atrysk.com/
On Sep 7, 2007, at 5:21 AM, Jan Münther wrote:
fuzzing capability yet. Any suggestions?
Mmhm, seen WSBang?
http://www.isecpartners.com/wsbang.html
Python's WSDL parsing / proxy class generation is somewhat b0rked, which
is one of the reasons I've started writing a webservice fuzzer in C#
which instantiates the proxy classes and uses reflection to find out
which arguments there are and how to fuzz them. It basically works, but
it's so cruddy and idiosyncratic I don't think it'll ever see anyone
else's harddisk. Just a suggestion on a concept in case you think of
rolling your own.
Cheers,
j.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
