WCF Vulnerability Testing – Easy WCF
Skip to content

WCF Vulnerability Testing

WCF Vulnerability Testing:

Once the development is completed on WCF service, we should do the vulnerability test. This testing is to find vulnerability in web service deployment.

Open Web Application Security Project – (OWASP) provides guidelines to test vulnerability in web application development.

Ref. Number Test Name Vulnerability
OWASP-WS-001 WS Information Gathering Information Disclosure-Unnecessary to expose the wsdl
OWASP-WS-002 Testing WSDL Information Disclosure
OWASP-WS-003 XML Structural Testing Weak XML Structure or improper xml node
OWASP-WS-004 XML content-level Testing XML content-level – SQL injection/xpath injection, buffer overflow, command injection
OWASP-WS-005 HTTP GET parameters/REST Testing WS HTTP GET parameters/REST – SQL injection
OWASP-WS-006 Naughty SOAP attachments WS Naughty SOAP attachments -malware as an attachment
OWASP-WS-007 Replay Testing WS Replay Testing

© 2015, admin. All rights reserved.

Leave a Reply

Your email address will not be published. Required fields are marked *