Penetration Testing mailing list archives

Re: WS Security

From: anj <andykin () privatei com>
Date: Tue, 16 Dec 2008 10:25:49 -0700

While an older presentation, some of the slides provide some tools andmethodologies that may help you.

Also from iSEC.http://www.owasp.org/index.php/Image:AppSec2005DC-Alex_Stamos-Attacking_Web_Services.ppt


Jan Muenther wrote:

If any of you has pointers to some documents that systematicallypoint out all the risks and alternative ways to mitigate them itwould help me a lot.
Have you read Brad Hill's stuff on the topic?
http://www.isecpartners.com/files/XMLDSIG_Command_Injection.pdf
http://seattle.toorcon.org/2007/talks/bradhill.ppt

Cheers,
Jan



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

WS Security auto176251 (Dec 15)
- <Possible follow-ups>
- Re: WS Security Jan Muenther (Dec 15)
  - Re: WS Security Leonardo Cavallari Militelli (Dec 16)
  - Re: WS Security anj (Dec 16)
- Re: WS Security auto176251 (Dec 18)