soapUI Beta1 4.0 The Security Release (English)
2011/05/20 (11:14)
eviware May 2011

We have just released soapUI 4 – The Security Release, bringing security testing to developers and testers worldwide. You can now be your own hacker.

1 Boundary Scan

Sending in data at the boundary of allowed values, or in direct opposition to the allowed values, may cause your system to behave erratically or display unwanted information. Harden your system against boundary conditions.

2 Invalid Data

Sending purely invalid data in invalid formats can cause your system to reveal deep information about how it’s built or make it vulnerable to further attacks. Protect your system from invalid data attacks.

3 Malformed XML

Make sure your Service Implementation is robust. Send malformed XML to your system, and verify that the malformed XML does not cause ripple effects which weaken your system's robustness.

4 SQL Injection

Secure your database: send in malicious SQL statements to make sure it’s not possible to gain access to or weaken your databases.

5 XPath Injection

Verify your application server does not execute XPath statements and examine whether an attacker can execute XPath statements on your server.

6 XML Bomb

A document of extreme size can cause instability, make your systems inaccessible or make your system an attack vector. The XML Bomb scan will examine whether your system is vulnerable to stack overflows.

7 Malicious Attachments

Send malicious attachments to the target system. Make sure an attacker cannot send unwanted attachments such as executables or plain viruses.

8 Custom script

The soapUI Security Test Framework is completely extensible; create your own scan using Groovy and build your own set of security tests fully integrated into soapUI.

9 Cross site scripting

Does your Service expose the parameters it uses in its messages? This is a common mistake that leads to Cross Site Scripting.



