Unicornscan Documentation Getting Started

Enumeration Internet Security Whitepapers

Unicornscan can be installed from a package for your distribution. This guide is intended for those wishing to manually compile unicornscan for their specific needs. Use the table of contents to skip directly sections that seem relevant to you. This guide describes how to install unicornscan on most POSIX platforms.

Web Services Enumeration and Profiling

Enumeration Internet Security Whitepapers

Web services hacking begins with the Web Services Definition Language or WSDL. A WSDL file is a major source of information for an attacker. Examining a WSDL description provides critical information like methods, input and output parameters. It is important to understand the structure of a WSDL file, based on which one should be able to enumerate web services. The outcome of this process is a web services profile or matrix. The scope of this paper is restricted to understanding this process. Once this is done, attack vectors for web services can be defined. The scope of attack vectors will be covered in the next paper.