Loading…
Welcome to the full schedule of the OWASP AppSec Research EU 2013 conference days. You’ll find the schedule for the training days at http://trainings2013.appsec.eu
Back To Schedule
Friday, August 23 • 9:30am - 1:30pm
WS-Attacker

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks.

Currently the following attacks are implemented:
- Automatic XML Signature Wrapping attack against Web Services
- XML-Denial-of-Service Techniques against Web Services
- SOAPAction Spoofing and WS-Addressing Spoofing
Further Attacks in Development (even apart from Web Services)


http://sourceforge.net/projects/ws-attacker/
Speakers
avatar for Christian Mainka

Christian Mainka

Security Consultant, Horst Görtz Institute for IT Security, Chair for Network and Data Security, Ruhr-University Bochum
Christian Mainka is a Security Researcher at the Ruhr University Bochum, Chair for Network and Data Security. Since 2009, he focuses on XML and Web Services technologies and develops his penetration testing tool WS-Attacker and has published several papers in the field of XML security... Read More →
avatar for Juraj Somorovsky

Juraj Somorovsky

Security Consultant, Ruhr-University Bochum
Juraj Somorovsky finished his PhD in the area of XML Security in 2013. In his thesis „On the Insecurity of XML Security“ he analyzes various attacks on Web Services and presents practical countermeasures against these attacks, which were applied in XML Security specifications... Read More →

Friday August 23, 2013 9:30am - 1:30pm CEST
Alsterpanorama II Emporio
  Open Source Security Showcase