HITB at Bahrain. You can find detail on my talk here.
Read Here | See Photos
This blog is created to keep track of my activities and place holder for sharing. Enjoy!
Wednesday, April 13, 2005
Sunday, April 03, 2005
Bellua Archive
Anthony just posted all presentations of Bellua 2005, Jakarta. I had my talk on Web Application Kung-Fu. You can find all material here.
Go
Go
Saturday, April 02, 2005
wsChess 1.0 (beta/prototype) - Web Services Assessment and Defense toolkit
A set of tools written C# for the .Net platform. This is a prototype, released as beta with limited support at this point. It has the following tools:
wsPawn - Web services footprinting, discovery and search tools. If you are looking for registered web services and their access points, this tool will help you in retrieving information from public UDDI.
wsKnight - Web services profiling, proxy and audit tool. This tool helps in profiling web services from its WSDL. It also allows you to invoke methods and intercept them before they go on the wire to the target, so that you can manipulate the SOAP envelope if needed. The autoaudit feature allows you to inject characters and attack strings for assessment work.
wsRook - This is a very simple technology demonstration for developers. This is a regular expression-based defense for web services input content. This is a hook in HTTP pipe using the HttpModule interface.
Whitepapers are included for better understanding for all these tools.
Read & Download
wsPawn - Web services footprinting, discovery and search tools. If you are looking for registered web services and their access points, this tool will help you in retrieving information from public UDDI.
wsKnight - Web services profiling, proxy and audit tool. This tool helps in profiling web services from its WSDL. It also allows you to invoke methods and intercept them before they go on the wire to the target, so that you can manipulate the SOAP envelope if needed. The autoaudit feature allows you to inject characters and attack strings for assessment work.
wsRook - This is a very simple technology demonstration for developers. This is a regular expression-based defense for web services input content. This is a hook in HTTP pipe using the HttpModule interface.
Whitepapers are included for better understanding for all these tools.
Read & Download
Subscribe to:
Posts (Atom)