XML Web ServicesRequest Pricing

XML Web Services

Similar to Flash, Microsoft Silverlight is a "thick client" application interface used to enhance users' experience. Underlying web services calls made by Silverlight are vulnerable and it is important to map those in terms of vulnerabilities and create fixes.

Specialized Pen Testing

1

Java based apps

2

Wireless Devices and Networks

3

SCADA Networks

Java based apps

Similar to Flash, Microsoft java is a "thick client" application interface used to enhance users' experience. Underlying web services calls made by Silverlight are vulnerable and it is important to map those in terms of vulnerabilities and create fixes. Read More

Wireless Devices and Networks

Wireless networks are an extension of your organization's infrastructure perimeter and should be tested thoroughly. While it eases the job of networking and connecting computers, it is also easy for a hacker to get into the network over wireless signals. Hence an insecure wireless poses a greater cyber security risk to the network, as compared to the cable based network. Read More

SCADA Networks

SCADA or Process Control Networks based systems have moved from closed networks to open source solutions and TCP/IP enabled networks steadily over recent years which made them vulnerable to the same security vulnerabilities that face our traditional computer networks.Read More

net forensics

Why penetration of XML Web Services Based is essential?

In web applications, the security can be assured by the use of different penetration testing tools. Nevertheless, compared to prominent attacks such as SQL-Injection or Cross-site scripting (XSS), there is currently no penetration testing tools that are capable of analyzing the security of XML interfaces.

The threat of XML-based attacks has significantly increased. Besides web services, Single Sign-On systems are also attackable as latest researches have revealed this the necessity of an automatic penetration testing tool.

How we do it??

By implementing common web applications, our developers evaluate the security of their systems by applying different penetration testing tools. However, in comparison to the well known attacks as SQL injection or Cross Site Scripting, there exists no penetration testing tools for Web Services specific attacks.

Lots of XML-specific attacks exist and are known for a long time. Below table gives us an overview on currently published attacks.

XML Signature Wrapping Attack on XML Encryption Oversize Payload
Coercive parsing SOAP Action Spoofing XML  Injection
WSDL Scanning Metadata Spoofing Attack Obfuscation
Oversized Cryptography BPEL State Deviation Instantiation Flooding
Indirect Flooding WS-Addressing spoofing Middleware Hijacking