Difference between revisions of "Projects/OWASP Web Service Attack Community Project"

Latest revision as of 18:48, 29 December 2010

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP Web Service Attack Community Project (home page)
Purpose: Besides the huge success of web services throughout all major industries, web service security is not fully understood by developers and users alike. Web services are vulnerable not only to all known attacks of regular web applications, but also to new web service specific attacks. Up to now, no comprehensive database exists that describes all major web service specific attacks in a stringent fashion. To close this gap all major web service attacks have been enumerated. Furthermore, a rigorous attack meta structure has been developed. Each attack is described in detail, categorized and explained with an example. At the end of each attack description a detailed list of countermeasures is given, for mitigating or even preventing the attack.
License: Creative Commons Attribution ShareAlike 3.0
who	is working on this project?
Project Leader(s): Andreas Falkenberg @
Project Contributor(s): Meiko Jensen @ Juraj Somorovsky @
how	can you learn more?
Project Pamphlet: View
Project Presentation: View
Mailing list: N/A
Project Roadmap: View
Main links: Welcome to WS-Attacks.org!
Key Contacts
Contact Andreas Falkenberg @ to contribute to this project Contact Andreas Falkenberg @ to review or sponsor this project

WS - Attacks.org V0.1 - 22/12/2010 - (no download available)
Release description: Initial creation of the wiki page and enumeration and description of all known web service specific attacks.
Rating: Not Reviewed - Assessment Details

Not Yet Reviewed

other releases
WS - Attacks.org V0.1

@@ Line 8: / Line 8: @@
 To close this gap all major web service attacks have been enumerated. Furthermore, a rigorous attack meta structure has been developed. Each attack is described in detail, categorized and explained with an example. At the end of each attack description a detailed list of countermeasures is given, for mitigating or even preventing the attack.
-'''Note''' that since the project is not public, access is restricted via Http-Authentication. Your http-authentication login credentials are as follows:<br>
+<!---'''Note''' that since the project is not public, access is restricted via Http-Authentication. Your http-authentication login credentials are as follows:<br>
 username: student<br>
 password: SjtxCCJXB<br>
@@ Line 14: / Line 14: @@
 Your personal Wiki user is as follows:<br>
 username: OWASP<br>
-password: x34trs<br>
+password: x34trs<br> --->
 | project_license = [http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution ShareAlike 3.0]
@@ Line 36: / Line 36: @@
 | mailing_list_name =
-| project_road_map =
+| project_road_map = http://www.owasp.org/index.php/OWASP_Web_Service_Attack_Community_Project/Roadmap
 | links_url1 = http://clawslab.nds.rub.de/wiki/index.php/Main_Page
 | links_name1 = Welcome to WS-Attacks.org!
-| release_1 =
+| release_1 = WS - Attacks.org V0.1
 | release_2 =
 | release_3 =
 | release_4 =
 }}