WS-Attacker

WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks.

WS-Attacker is developed by the Chair of Network and Datasecurity, Ruhr-University Bochum (http://nds.rub.de/) and the 3curity GmbH (http://3curity.de/).

Features

Automatic XML Encryption Attacks against Web Services
Automatic XML Signature Wrapping attack against Web Services
XML-Denial-of-Service Techniques against Web Services
SOAPAction Spoofing and WS-Addressing Spoofing
Further Attacks in Development (even apart from Web Services)

Project Samples

Load a WSDL and set up request parameters

Project Activity

See All Activity >

Follow WS-Attacker

WS-Attacker Web Site

Other Useful Business Software

Zenflow- The AI Workflow Engine for Software Devs

Parallel agents. Multi-agent orchestration. Specs that turn into shipped code. Zenflow automates planning, coding, testing, and verification.

Zenflow is the AI workflow engine built for real teams. Parallel agents plan, code, test, and verify in one workflow. With spec-driven development and deep context, Zenflow turns requirements into production-ready output so teams ship faster and stay in flow.

Try free now

Rate This Project

User Ratings

1.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

skrskrskr Posted 2013-05-28

Did not work at all for me, I was not able to retrieve a WSDL file once. Thought it might be an issue with my proxy configuration but it even was not working in my very basic local test environment.

Additional Project Details

Registered

2011-01-25

Similar Business Software

Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Carbide

Carbide is a tech-enabled service that strengthens your company’s information security and privacy management capabilities. Our platform and expert services are tailored for companies aiming for a sophisticated security posture, particularly valuable for organizations that must meet rigorous...

See Software
Defendify

Founded in 2017, Defendify is pioneering All-In-One Cybersecurity® for organizations with growing security needs, backed by experts offering ongoing guidance and support. Delivering multiple layers of protection, Defendify provides an easy-to-use platform designed to strengthen...

See Software
Quixxi

Quixxi is a leading provider of mobile app security solutions that empowers enterprises and security professionals to secure their mobile applications. Quixxi is proud to be the only provider of a patented and proprietary mobile app security solution. Our services includes SCAN, SHIELD, and...

See Software
TrustedSite

TrustedSite Security is a complete solution for external security testing and monitoring. In a single, easy-to-use platform, TrustedSite brings together the essential tools your organization needs to reduce the likelihood of a breach, from attack surface discovery to vulnerability scanning to...

See Software
ImmuniWeb

ImmuniWeb SA is a global application security company operating in over 50 countries, headquartered in Geneva, Switzerland. Most of ImmuniWeb customers come from regulated industries, such as banking, healthcare, and e-commerce. ImmuniWeb® AI Platform leverages award-winning AI and Machine...

See Software