Hi all, a new cool foundstone tool has been released,
source: http://www.foundstone.com/index.htm?...c/wsdigger.htmWSDigger is a free open source tool designed by Foundstone to automate black-box web services security testing (also known as penetration testing). WSDigger is more than a tool, it is a web services testing framework. Version one of this framework contains sample attack plug-ins for SQL injection, cross site scripting and XPATH injection attacks. A web service vulnerable to XPATH injection is provided as an example with the tool. By releasing the framework as an open-source tool, users are encouraged to develop and share their own plug-ins.
for downloading the tool:
http://www.foundstone.com/resources/...e=wsdigger.zip
Screenshots:
https://www.threatsandcountermeasure...07/08/522.aspx
Thanks