From: Atul Wankhade (atul_wankhade@hotmail.com)
Date: Mon Jun 19 2006 - 15:09:53 EDT
Hi All,
Firstly, sorry if I have posted this to wrong alias. Please point me if you
know the right alias. I want to perfrom a security testing for the
webservices. I am a novice in this field. I would highly appreciated if you
could help me and share pointers in this regard. Also, I searched for
couple of tools on the net and here are my findings. Has anybody used any of
the following? It would be helpful if you suggest me on the same.
Thanks in advance ...
Atul Wankhade
WSFuzzer
- Attacks a web service based on valid WSDL, a valid endpoint &
namespace, or it can try to intelligently detect WSDL for a given target.
- http://www.neurofuzz.com/modules/software/wsfuzzer.php
wsChess
- Web Services Assessment and Defense Toolkit
- http://net-square.com/wschess/index.shtml
WSDigger
- a free open source tool to automate black-box web services
security testing (also known as penetration testing).
-
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/wsdigger.htm
WSBang
- Python-based tool used to perform automated security testing of
SOAP based web services.
- http://www.isecpartners.com/tools.html
SOAPSonar
- Allows Web Services Vulnerability Assessment.
- http://www.codeproject.com/showcase/Crosschecks1.asp
From: "David Ball" <lostinvietnam@hotmail.com>
To: mohitz@cse.iitb.ac.in
CC: pen-test@securityfocus.com
Subject: RE: penetrating a firewalled network
Date: Tue, 06 Jun 2006 11:36:43 +0800
>From my own post to SF some months back with a similar question. These
>resources helped me out. The full thread is at the following URL:
>
>http://www.securityfocus.com/archive/101/421146/30/0/threaded
>
>1. "Host Detection - Generating arbitrary responses to identify
>inter-networked nodes".
>http://www.zone-h.org/files/29/responses-tisc.txt
>
>2. "Techniques to validate host connectivity"
>http://packetstorm.linuxsecurity.com/papers/protocols/host-detection.txt
>
>3. "Diggin em Walls - Detection of Firewalls, and Probing networks behind
>firewalls".
>http://neworder.box.sk/newsread.php?newsid=2914
>
>4. "Host Discovery with Nmap"
>http://www.l0t3k.net/biblio/fingerprinting/en/NMAP-mwdiscovery.pdf
>Provides different enumeration scenarios (Firewall with Filtering, Firewall
>with Generic Ruleset, Firewall with specific rules, Stateful Firewall with
>specific rules) and describes how to customize nmap scans for best results
>with each scenario. Provides example tcpdump output for each scan.
>
>5. "Strategies for Defeating Distributed Attacks"
>http://www.megasecurity.org/Dos/Simple_Nomad.txt
>The title is a little misleading. Do a Find for the word "enumeration" and
>read from there. Also a very interesting few paragraphs on using non-echo
>ICMP messages for host enumeration. See especially the section titled "ICMP
>Defense".
>
>6. "Firewall Penetration Testing"
>http://www.wittys.com/files/mab/fwpentesting.html
>(Borrows heavily from the original Firewalk paper but still worth a read)
>
>7. "Network Scanning Techniques" - Ofir Arkin
>http://www.sys-security.com/archive/papers/Network_Scanning_Techniques.p
>df
>
>8. "Low Level enumeration with TCP/IP"
>http://www.securitydocs.com/library/3012/2
>
>TOOLS
>---------
>
>1. Mike Shiffman/David Goldsmith's Firewalk paper
>http://www.packetfactory.net/projects/firewalk/firewalk-final.pdf
>
>2. "Tcptraceroute examples"
>http://michael.toren.net/code/tcptraceroute/examples.txt
>
>3. "Paratrace Analysis and Defence" (SANS GIAC practical)
>http://www.giac.org/certified_professionals/practicals/gcih/0392.php
>
>Sincerely.
>
>David Ball.
>
>>
>>"Mohit Agarwal" <mohitz@cse.iitb.ac.in>
>>No Phone Info Available
>>06/06/2006 02:10 AM
>>Please respond to
>>mohitz@cse.iitb.ac.in
>>
>>To
>>pen-test@securityfocus.com
>>cc
>>
>>Subject
>>penetrating a firewalled network
>>
>>
>>
>>
>>
>>
>>Hi,
>>
>>I want to do penetration tests on a firewalled network to find out the
>>network structure and any other info that i can get. Can you suggest some
>>resources to read for the same as i am a noob.
>>
>>--
>>Mohit
>>
>>------------------------------------------------------------------------------
>>This List Sponsored by: Cenzic
>>
>>Concerned about Web Application Security?
>>Why not go with the #1 solution - Cenzic, the only one to win the
>>Analyst's
>>Choice Award from eWeek. As attacks through web applications continue to
>>rise,
>>you need to proactively protect your applications from hackers. Cenzic has
>>the
>>most comprehensive solutions to meet your application security penetration
>>
>>testing and vulnerability management needs. You have an option to go with
>>a
>>managed service (Cenzic ClickToSecure) or an enterprise software
>>(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
>>help you: http://www.cenzic.com/news_events/wpappsec.php
>>And, now for a limited time we can do a FREE audit for you to confirm your
>>
>>results from other product. Contact us at request@cenzic.com for details.
>>------------------------------------------------------------------------------
>>
>
>_________________________________________________________________
>Learn English via Shopping Game, FREE!
>http://www.linguaphonenet.com/BannerTrack.asp?EMSCode=MSN06-03ETFJ-0211E
>
>
>------------------------------------------------------------------------------
>This List Sponsored by: Cenzic
>
>Concerned about Web Application Security? Why not go with the #1 solution -
>Cenzic, the only one to win the Analyst's Choice Award from eWeek. As
>attacks through web applications continue to rise, you need to proactively
>protect your applications from hackers. Cenzic has the most comprehensive
>solutions to meet your application security penetration testing and
>vulnerability management needs. You have an option to go with a managed
>service (Cenzic ClickToSecure) or an enterprise software (Cenzic
>Hailstorm). Download FREE whitepaper on how a managed service can help you:
>http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time
>we can do a FREE audit for you to confirm your results from other product.
>Contact us at request@cenzic.com for details.
>------------------------------------------------------------------------------
>
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:08 EDT