WS-Attacker Logo

WS-Attacker

0
Free
Updated 11 March 2025
Offensive Security
Web App Security
Visit Website

WS-Attacker is a modular framework for web services penetration testing developed by the Chair of Network and Data Security, Ruhr University Bochum, and Hackmanit GmbH. It allows loading WSDL files, sending SOAP messages, and extending functionality with plugins and libraries for specific Web Services attacks. More information on its architecture and extensibility can be found in the Penetration Testing Tool for Web Services Security paper. Current version supports SOAPAction spoofing, WS-Addressing spoofing, XML Signature Wrapping, and XML-based DoS attacks.

FEATURES

EXPLORE BY TAGS

Web App Security

SIMILAR TOOLS

SSRF-Sheriff Logo
SSRF-Sheriff

A simple SSRF-testing sheriff written in Go

Free
Offensive Security
Hack This Site Logo
Hack This Site

A free, safe, and legal training ground for ethical hackers to test and expand their skills

Free
Offensive Security
DueDLLigence Logo
DueDLLigence

DueDLLigence is an open-source tool for identifying and analyzing DLL hijacking vulnerabilities in Windows applications, providing automated analysis and remediation guidance.

Free
Offensive Security
SprayingToolkit Logo
SprayingToolkit

A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.

Free
Offensive Security
GadgetToJScript Logo
GadgetToJScript

A tool for generating .NET serialized gadgets for triggering .NET assembly load/execution.

Free
Offensive Security
Android greybox fuzzing with AFL++ Frida mode Logo
Android greybox fuzzing with AFL++ Frida mode

A repository containing material for Android greybox fuzzing with AFL++ Frida mode

Free
Offensive Security
Red Team Planning Document Logo
Red Team Planning Document

A red team planning framework document that guides exercise preparation with emphasis on blue team value, stakeholder engagement, and avoiding negative motivational approaches.

Free
Offensive Security
WeChall Logo
WeChall

A free online wargame for practicing hacking skills and learning security concepts.

Free
Offensive Security
OFFODE Logo
OFFODE

A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.

Free
Offensive Security

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy