INTRODUCTION
WebSeekurity is a multi-platform tool that can be used to assess the security of Web applications that interact with a server via AMF/SOAP over HTTP. In particular, Adobe Flex applications can be audited thanks to this software.The tool acts as a client that can be used to communicate with the backend server to test. It enables to send requests to this server and to receive the corresponding responses. WebSeekurity attempts to discover and identify potential server-side vulnerabilities: weak authentication and authorization mechanisms, information leakage, vulnerability to SQL injections, etc.Several modes are proposed: Manual, Automatic and Fuzzing. The Manual mode enables to create a request from scratch. The Automatic mode is used to discover the services and methods made available by the application in an automated manner. Finally, fuzzing can be performed thanks to the last mode.WebSeekurity is released under the GNU GPLv2 license.
REQUIREMENTS:
Python 2.7 (not compatible with Python 3.0 or greater)
PyAMF
SOAPpy
pyparsing
Tcl-Tk