WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum and the 3curity GmbH.

The basic idea behind WS-Attacker is to provide a functionality to load WSDL files and send SOAP messages to the Web Service endpoints (which is executed using the underlying SoapUI framework). This functionality can be extended using various plugins and libraries to build specific Web Services attacks.

Obtaining Runnable File

You’ll need:

  • Java 7 or higher
  • maven
  • git

You procede as follows. You first need to clone WS-Attacker sources (you can of course also download a ZIP file):

$ git clone

Then you go to the WS-Attacker directory and use maven to build and package the files:

$ cd WS-Attacker
$ mvn clean package -DskipTests

Afterwards, you are able to go to the runnable directory and execute WS-Attacker:

$ cd runnable
$ java -jar WS-Attacker-1.6-SNAPSHOT.jar

How to download:




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s