Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our User Agreement and Privacy Policy.
Slideshare uses cookies to improve functionality and performance, and to provide you with relevant advertising. If you continue browsing the site, you agree to the use of cookies on this website. See our Privacy Policy and User Agreement for details.
Advanced Web Services Hacking - Attacks & Defense (AusCERT 2006).
Web services attacks are on the rise with evolution of web applications which are consuming back end web services over SOAP. UDDI, SOAP and WSDL are three important blocks of this new attack vectors. Several attacks are evolving around web services like UDDI enumeration, XPATH injection, XML poisoning, WSDL scanning, SOAP bruteforcing etc. At the same time new range of defense is evolving for web services with SOAP filtering. It is critical to know methodologies, attack vectors and defense strategies before deploying web services into the corporate environment. This paper will discuss advanced web services hacking methods and defense approaches.
Login to see the comments