This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Projects/OWASP Web Service Attack Community Project

Jump to: navigation, search
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Web Service Attack Community Project (home page)
Purpose: Besides the huge success of web services throughout all major industries, web service security is not fully understood by developers and users alike. Web services are vulnerable not only to all known attacks of regular web applications, but also to new web service specific attacks. Up to now, no comprehensive database exists that describes all major web service specific attacks in a stringent fashion.

To close this gap all major web service attacks have been enumerated. Furthermore, a rigorous attack meta structure has been developed. Each attack is described in detail, categorized and explained with an example. At the end of each attack description a detailed list of countermeasures is given, for mitigating or even preventing the attack.

License: Creative Commons Attribution ShareAlike 3.0
who is working on this project?
Project Leader(s):
Project Contributor(s):
how can you learn more?
Project Pamphlet: View
Project Presentation: View
Mailing list: N/A
Project Roadmap: View
Main links:
Key Contacts
current release
WS - V0.1 - 22/12/2010 - (no download available)
Release description: Initial creation of the wiki page and enumeration and description of all known web service specific attacks.
Rating: Yellow button.JPG Not Reviewed - Assessment Details
last reviewed release
Not Yet Reviewed

other releases