|
Free Web Services Performance and Security Testing
Vordel SOAPbox is the industry's original and best Web Services security test tool! We have now enhanced the functionality of the product to allow you test for free the performance, compliance and security of your Web Services, REST interfaces and JMS queues. Use SOAPbox to simulate client usage of Service, so that performance and security problems are identified and resolved early.
- Run test suites to assess Web Service performance and reliability
- Probe for vulnerabilities to bulletproof your Web Services
- Ensure Services comply with your corporate SLA obligations
- Test the strength your integrations
View Product in Action
|
|
Download SOAPbox for free and get testing today
 SOAPbox Getting Started Guide download here...
|
Get the Big Picture
 |
1 2 3 4 |  |
|
|
Features
Security Testing
Vordel SOAPbox includes a set of attack vectors which are used to probe for vulnerabilities in Web Services. The security vulnerabilities detected by SOAPbox are then blocked by Vordel XML Gateway.
- Run standard attack vectors for penetration testing
- Simple Graphical Keystore
- Add or Remove Security Tokens
- Kerberos & SSL support
- SOAP Attachment
- Test Federated Identity deployments
Performance Testing
Vordel SOAPbox ensures that services meet throughput, latency and availability performance criteria. Checking that Service Level Agreements are maintained under all of these conditions is the only way to ensure that applications will work as expected.
- Simulate messages per second, message size, message complexity and the load on other services
- Automated Performance Testing
- Traffic simulation to test your application infrastructure
- Sample SOAP messages
- Automated Regression Testing
- Automated Stress Testing
- Test Suite Generation based on WSDL
Integration Testing
In an integration environment, it is natural that "protocol mixing" occurs between SOAP, lightweight REST services, and message queues. SOAPbox is used to test all parts of the integration environment, and is not limited to Web Services only.
- Advanced Web Services standards used by AXIS, Metro and .NET Framework supported
- Test Federated Identity deployments
- Multiple transport protocols supported
- Generate SAML requests to Test Federated Identity deployments
- Place a digitally signed message onto a JMS queue
- Simulate a browser connecting to an SSL-enabled web server
- create Kerberos tickets used for integration with Microsoft Active Directory.
|
|
Specifications
| Web Services Protocols | SOAP 1.1 & 1.2 , Plain XML (POX), REST, Web 2.0 (XMLHttpRequest, JSON) |
| Transport Protocols | HTTP 1.0 & 1.1, JMS, MQ, FTP, SFTP, |
| Routing | HTTP Proxy, WS-Addressing |
| Operational Modes | Request Response, Automated Test Suites, Stress Testing and Command Line Performance Testing |
| Test Inputs | WSDL 1.2, WS-Policy 1.2, WS-SecurityPolicy 1.1, WS-Policy Attachment, UDDI, SOAP, XML |
| Test Design | Drag-and-drop test case creation, Conditional branching within test cases, Test Suites, Wildcard values within test cases, Test Chaining |
| Test Execution | Headless Test Execution, Results storage, Automated Result checking |
| Stress Testing | Test Loops, Controllable multi-threaded execution, Number and Duration based testing, Performance Testing at greater than 50,000 messages per second |
| Identity Federation | Insert SAML Authentication, Authorization and Attribute Assertions, SAML 1.0, 1.1 & 2.0 support |
| Encryption and Signing | SSL, XML Encryption, XML Signature, WS-Security SOAP Message Security |
| XML Threat Injection | XML Entity Expansion and Recursion Attacks, XML Document Size Attacks, XML Document Width Attacks, XML Document Depth Attacks, XML Wellformedness based Parser Attacks, Jumbo Payloads, Recursive Elements, MegaTags - aka Jumbo Tag Names, Public Key DoS attack, XML Flood, XML Encapsulation, XML Virus, Replay Attacks, Resource Hijack, Dictionary Attack, Message Tampering, Falsified Message, Data Tampering, Message Snooping, XPath Injection, SQL Injection, Xquery Injection, WSDL Enumeration, Routing Detour, Schema Poisoning, Malicious Morphing, Malicious Include - also called XML External Entity (XXE) Attack, Memory Space Breach, XML Morphing, Parameter Tampering, Coercive Parsing, Field level validation, Scanning outgoing messages for sensitive content based on metadata or Regular Expression Pattern, WSDL Scanning, XML Bomb Attacks, Rogue SOAP Attachments, Attach viruses in SOAP Attachments, Schema Validation, XML Clogging Detection, SOAP Operation Filtering, IP Address Filtering, Traffic Throttling, HTTP Header, HTTP Query String |
| Authentication | Kerberos, HTTP Authentication (Basic/Digest), SSL Mutual Authentication, WS-Security 1.1 & 1.0, WS-Security UsernameToken, WS-Security X.509 Certificate Token, WS-Security Kerberos Profile and other types |
| PKI | X.509 Certificate Issuance, Certificate and key import/export & generation. Support for PEM, DER and PFX formats |
| Operating System Support Matrix | Windows 7, Windows Vista, Windows XP, Windows Server 2003, Windows Server 2008, Red Hat Linux, Suse Linux ES, Ubuntu Linux, Debian Linux, Solaris 10 Sparc, Oracle linux |
| Message | Message Generation from WSDL, WSI Checking, Message Formatting, Message Structure checking, Syntax Coloring |
Download SOAPbox for Free
Thank you for your interest in the free Vordel SOAPbox.
To receive the latest Web Services testing information to help you and your organization, please register your details below.
In order to provide you with access to the product, we require that you provide us with a valid email address, as the download details will be sent to this address.
This site, and all contents and graphics, copyright © 1999 - 2010 Vordel Limited | Legal notices | Privacy policy