Download Latest Version
WS-Attacker-1.7.zip (87.8 MB)
Get an email when there's a new version of WS-Attacker
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| Documentation-v1.6.pdf | 2015-06-15 | 555.4 kB | |
| Documentation-v1.3.pdf | 2013-07-10 | 1.8 MB | |
| README | 2013-06-24 | 1.4 kB | |
| WS-Attacker-1.3.zip | 2013-06-24 | 61.3 MB | |
| Totals: 4 Items | 63.6 MB | 0 | |
=============
24. Juni 2013
=============
New XML-Denial-of-Service Plugin (by Andreas Falkenberg):
- Various Attack Techniques
-Coercive Parsing
-Hash Collision Attack (DJBX31A, DJBX33A, DJBX33X)
-SOAP Array Attack
-XML Attribute Count Attack
-XML Element Count Attack
-XML Entity Expansion Attack
-XML External Entity Attack
-XML Overlong Element Names
- After the attack is finished, right click on the Plugin in the "Attack
Overview" to see more details!
General:
- Splitted Signature Wrapping Plugin into a "Plugin" and its "Library Functions"
- Library is independent of Main WS-Attacker Framework
Signature Wrapping Plugin improved:
- Now it is possible to right click on the Plugin in the "Attack Overview"
to slide through all XSW possibilities
Signature Wrapping Library improved:
- Improved compatibility when Signatures sign Signatures (Usefull e.g. for
SAML Responses which sign SAML Assertions)
- New and better XML Schema Analyzer
New Signature Faking Library (by Juraj Somorovsky):
- Creates a new Signature Value for a given XML Signature by using a newly
created Fake Certificate
- Yet only available as a Library (No WS-Attacker Plugin available)
Framework Changes:
- Very small GUI improvements
- lalib-checkboxtree library now added locally because of Maven repository
changes