Differences SOAP vs REST: Comparison of protocols and their security

SOAP and REST are two of the most used terms in the API development sector. If you don’t have thorough knowledge of the two, you may wonder: * Why should a developer choose and ditch others? * Ca ...

Continue Reading
API Securing in 2021?—?Top 10 Best Practices

### API Securing in 2021? — Top 10 Best Practices I love drawing inspiration from real life and todays article is no different. I often get asked the question on how to hack an API but what some peop ...

Continue Reading
CVE-2021-21702

A NULL pointer dereference issue is in the SOAP extension of PHP. More specifically, the flaw occurs in the SoapClient when parsing a WSDL document due to improper checking of a child node name. A mal ...

Continue Reading
BigBountyRecon – This Tool Utilises 58 Different Techniques To Expediate The Process Of Intial Reconnaissance On The Target Organisation

[![](https://1.bp.blogspot.com/-1de0aBPNIWk/YAUWk6HkngI/AAAAAAAAVBA/s_ZSe7IlI7IkK-BtzxPMSmMHzAoV1_H6QCNcBGAsYHQ/w640-h396/BigBountyRecon_1.png)]() BigBountyRecon tool utilises 58 different techniques ...

Continue Reading
Exploit for Missing Authentication for Critical Function in Sap Netweaver Application Server Java

[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizar...Read More ...

Continue Reading
SAP Unauthenticated WebService User Creation

This module leverages an unauthenticated web service to submit a job which will create a user with a specified role. The job involves running a wizard. After the necessary action is taken, the job is ...

Continue Reading
U.S. Dept Of Defense: SharePoint Web Services Exposed to Anonymous Access

Summary: Any unauthenticated/anonymous users are able to access the SharePoint Web Services (.wsdl files) for the ?????????? website. Description: The SharePoint installation for this particular site ...

Continue Reading
Improper Restriction of XML External Entity Reference in soa-model

Soa-model is a toolkit and Java API for WSDL, WADL and XML Schema. An XML External Entity (XXE) vulnerability exists in versions of soa-model prior to 1.6.4 in the WSDLParser function. This issue has ...

Continue Reading

Back to Main

Subscribe for the latest news: