Due to the fact that many web services provide critical business functions, this makes them a strong target for Internet attackers. Web services can still be susceptible to Structured Query Language (SQL), Lightweight Directory Access Protocol (LDAP), Operating System (OS) and Extensible Markup Pathway Language (XPATH) injection, blind injection and buffer overflows. XML based resources are frequently configured without any form of access control. As a consequence, if a web service allows user input to be included in an query, then it becomes a strong target for an injection based attack.
eInnosec provide web service penetration testing based on proven methodologies and techniques. Using a series of commercial tools, open source tools and in-house built scripts, eInnosec's security testers provide security testing techniques that identify your security vulnerabilities before Internet hackers find them.