McAfee Shares Internal Web-Services Security Tool

Just saw this via. Robin Cover’s awesome XML.org Daily Newslink. The good folks at McAfee are releasing a open-source tool named WSDigger that helps identify vulnerabilities in Web services implementations. WSDigger contains sample attack plug-ins for SQL injection, cross-site scripting, and X-PATH injection attacks. It also allows developers to import their WSDL’s and test for compliance with the WS-Security specification.