Tag Archives: web-services

Don’t Drop the SOAP: Real World Web Service Testing for Web Hackers Presentation

2
Filed under Application Security, Penetration Testing, Web Services
Tagged as , , , , , , , , ,

Sorry for the long delay on posting the slides from the presentation that myself, Josh Abraham and Kevin Johnson did at Black Hat USA and DEF CON 19.  I’ve uploaded the slides from DEF CON to SlideShare (you can also download a copy there as well) and below are the links to the tools and white paper.  I’m currently in the process of working with OWASP to get the testing methodology put into the next version of the OWASP testing guide (v4).  If you have any comments or bug reports for the tools and vulnerable web services please let Josh and Kevin know, they would appreciate it!

Download the white paper.  Download Josh’s Metasploit modules.  Download Kevin’s vulnerable web services.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • Digg
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS