Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Sneak Preview: Parasoft's SOAPtest 4.0

A wizard helped me set up a series of XML- and non-XML- specific penetration tests against a .Net Web service running in our labs. Because the service offers operations that interact with a database, the SQL injection tests were definitely of interest, even though SQL injection attacks through XML aren't much different from those that exploit other Web technologies, such as ASP, JSP and PHP.


• Automates testing of common SOAP and XML vulnerabilities
• Configurable dependencies let you test a composite application in the flow as required by the application

• Supports HTTP 1.0, HTTP 1.1 and JMS as SOAP transports


• XPath knowledge necessary for some WS-Security operations
• Infers vulnerabilities without clear explanations

Parasoft SOAPtest 4.0, starts at $3,495. Parasoft, (888) 305-0041, (626) 256-3680.
  • 1