1 Boundary Scan
Sending in data at the boundary of allowed values or in direct opposition of the allowed values may cause your system to behave erratically or display unwanted information. Harden your system against boundary conditions.
2 Invalid Data
Sending purely invalid data of invalid formats can cause your system to reveal deep information about how it¡¯s built or make itself vulnerable to further attacks. Protect your system from invalid data attacks.
3 Malformed XML
Make sure your Service Implementation is robust. Send malformed XML to your system, and verify that the malformed XML does not cause ripple effects which weaken your systems robustness.
4 SQL Injection
Secure your database; Send in Malicious SQL statements in order to make sure it¡¯s not possible to get access to or weaken your databases.
5 XPath Injection
Verify your application server does not execute XPath statements and examine whether an attacker can execute XPath statements on your server.
6 XML Bomb
A document of extreme size can cause instability, make your systems inaccessible or make your system an attack vector. The XML Bomb scan will examine whether your system is vulnerable to stack overflows.
7 Malicious Attachments
Send malicious attachments to the target system. Make sure an attacker cannot send unwanted attachments such as executable or plain viruses.
8 Custom script
The soapUI Security Test Framework comes completely extendable; create your own scan using Groovy and build your own set of security tests fully integrated into soapUI.
9 Cross site scripting
Does your Service expose the parameters it uses in its messages? This is a common mistake leading to Cross Site Scripting scan.
Read More...
Thanks for using soapUI Pro!
- The eviware team