product datasheet

White paper -
Taxonomy of XML attacks



Testing for XML applications

Vordel SOAPbox allows developers to test the performance, scalability, and security of Web Services. Using SOAPbox, a developer can test how Web Services perform under load, how they deal with unexpected input, and what their traffic ceiling is.

Vordel SOAPbox highlights security tokens, XML Signatures, and encrypted content in XML documents. SOAPbox supports established security technologies such as SSL and HTTP-Auth, as well as next-generation security technologies such as WS-Security and SAML.

Penetration Testing

Click to enlarge: Example penetration
testing screenshot

Use SOAPbox to mimic potential attack paths by automatically injecting malicious content into XML messages. Malicious content attack types include SQL Injection, XPath Injection and Message value fuzzing.

Stress test your Web Services

How do your Web Services perform under stress? What are your Web Service's traffic ceilings? What happens when they receive more traffic than they can cope with? Vordel SOAPbox answers these questions with comprehensive Web Services stress testing.

Traffic simulation to test your application infrastructure

Use SOAPbox to create and run your own battery of tests against internal application servers and ESB (Enterprise Service Bus) platforms.

Sample SOAP messages

Get started quickly with pre-built SOAP messages provided as standard.

Broad Security Standard support


Click to enlarge: Example insert
WS-Security Token

SOAPbox creates signed and encrypted XML messages without any requirement for coding. It supports SSL, WS-Security, and SAML.

Test Federated Identity deployments

SOAPbox creates all three types of SAML assertions in order to test them against Federated Identity infrastructure. Creating SAML assertions using SOAPbox is significantly more simple than using a programming toolkit for the same purpose.

Test XML, REST, or SOAP

Non-SOAP Web Services can be tested using SOAPbox (despite its name!). In addition, Web Services which are called using directly by browsers or using the XMLHttpRequest object can also be tested using SOAPbox.

Vordel SOAPbox datasheet