Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Web Services
Posted by: fayte
Date: May 18, 2007 10:24AM

I've wanted to get into Web Service security for a while - though I'd post some of the links I've gathered. If anyone knows some other good resources we could build a nice collection.

Recent Talks:

-Attacking Web Services, Alex Stamos http://cansecwest.com/slides06/csw06-stamos.pdf
-Smashing Web Apps: Applying Fuzzing to Web Applications and Web Services, Michael Suton https://www.blackhat.com/presentations/bh-dc-07/Sutton/Presentation/bh-dc-07-Sutton-up.pdf
-Web Services Vulnerabilities, Nishchal Bhalla https://www.blackhat.com/presentations/bh-europe-07/Bhalla-Kazerooni/Whitepaper/bh-eu-07-bhalla-WP.pdf


Tools:

http://www.sift.com.au/73/171/sift-web-method-search-tool.htm - Webservices method brute forcer
http://www.vordel.com/soapbox/ - SOAP client
http://www.net-square.com/wschess/index.shtml -various


Books:
Hacking Web Services, Shreeraj Shah http://www.amazon.com/Hacking-Services-Internet-Shreeraj-Shah/dp/1584504803


General:
http://www.owasp.org/index.php/Web_Services
http://www.cgisecurity.com/ws/
http://msdn2.microsoft.com/en-us/security/aa570415.aspx

Options: ReplyQuote
Re: Web Services
Posted by: Mephisto
Date: May 18, 2007 10:56AM

Very nice, thanks for the links.

Options: ReplyQuote


Sorry, only registered users may post in this forum.