Looking for the latest version? Download WS-Attacker-1.3.zip (61.3 MB)
Home / WS-Attacker 1.3
Name Modified Size Downloads / Week Status
Parent folder
Totals: 3 Items   63.1 MB 96
Documentation-v1.3.pdf 2013-07-10 1.8 MB 2121 weekly downloads
README 2013-06-24 1.4 kB 22 weekly downloads
WS-Attacker-1.3.zip 2013-06-24 61.3 MB 7373 weekly downloads
============= 24. Juni 2013 ============= New XML-Denial-of-Service Plugin (by Andreas Falkenberg): - Various Attack Techniques -Coercive Parsing -Hash Collision Attack (DJBX31A, DJBX33A, DJBX33X) -SOAP Array Attack -XML Attribute Count Attack -XML Element Count Attack -XML Entity Expansion Attack -XML External Entity Attack -XML Overlong Element Names - After the attack is finished, right click on the Plugin in the "Attack Overview" to see more details! General: - Splitted Signature Wrapping Plugin into a "Plugin" and its "Library Functions" - Library is independent of Main WS-Attacker Framework Signature Wrapping Plugin improved: - Now it is possible to right click on the Plugin in the "Attack Overview" to slide through all XSW possibilities Signature Wrapping Library improved: - Improved compatibility when Signatures sign Signatures (Usefull e.g. for SAML Responses which sign SAML Assertions) - New and better XML Schema Analyzer New Signature Faking Library (by Juraj Somorovsky): - Creates a new Signature Value for a given XML Signature by using a newly created Fake Certificate - Yet only available as a Library (No WS-Attacker Plugin available) Framework Changes: - Very small GUI improvements - lalib-checkboxtree library now added locally because of Maven repository changes
Source: README, updated 2013-06-24