How to perform malicious attachment security scan using SOAP UI opensource?
How to perform malicious attachment security scan using SOAP UI opensource?
Forum Discussion
What type of attachment does your service consumes?
Couple of inputs:
File with non-compliant format.
Denial of service using very large file.
Couple of inputs:
File with non-compliant format.
Denial of service using very large file.
Answers to your question:-
1)The file I am trying to attach is in XML and text format.
2)File size I tried with 300bytes, 500bytes, 900bytes. It still isn't accepting it.
I am trying to perform malicious attachment scan to sample WSDL.
I tried it as per the tutorial provided on the below link:-
https://www.soapui.org/security-testing/security-scans/malicious-attachment.html
It displays an existing attachment in the image. My sample wsdl does not has one. I created a sample malicious java script code and saved in a text file.
Whenever I try to generate it using the second tab...it displays 'No attachment in the test step message'.
I tried to find out an option to add an attachment but din't get it. I came across a option 'Copy Attachments' in the 'Add request to test case' option but it is greyed out.
Is it possible to perform malicious security scan in the opensource SOAP UI.
Please refer the attached images.
Awaiting your reply...
