WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks.

WS-Attacker is developed by the Chair of Network and Datasecurity, Ruhr-University Bochum (http://nds.rub.de/) and the 3curity GmbH (http://3curity.de/).

Features

  • Automatic XML Encryption Attacks against Web Services
  • Automatic XML Signature Wrapping attack against Web Services
  • XML-Denial-of-Service Techniques against Web Services
  • SOAPAction Spoofing and WS-Addressing Spoofing
  • Further Attacks in Development (even apart from Web Services)

Project Samples

Configuration: SOAPAction Spoofing Attack finished Submitting a test request Load a WSDL and set up request parameters Configuration: WS Addressing Spoofing Attack finished

Project Activity

See All Activity >

Categories

Penetration Testing

Follow WS-Attacker

WS-Attacker Web Site

Other Useful Business Software
Auth for GenAI | Auth0 Icon
Auth for GenAI | Auth0

Enable AI agents to securely access tools, workflows, and data with fine-grained control and just a few lines of code.

Easily implement secure login experiences for AI Agents - from interactive chatbots to background workers with Auth0. Auth for GenAI is now available in Developer Preview
Try free now
Rate This Project
Login To Rate This Project

User Ratings

1.0 out of 5 stars
★★★★★
★★★★
★★★
★★
0
0
0
0
1
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:
All
  • skrskrskr Posted 2013-05-28
    Did not work at all for me, I was not able to retrieve a WSDL file once. Thought it might be an issue with my proxy configuration but it even was not working in my very basic local test environment.
Read more reviews >

Additional Project Details

Registered

2011-01-25
Report inappropriate content