Projects/OWASP WS Amplification DoS Project/Roadmap

Jump to: navigation, search
  • PHASE 1:
    • A - Setting up a tool that can detect this vulnerability
      • Finding a way to crawl the net looking for open webservices and test them with the above tool
    • B - Looking into the different WS implementations and finding out their default WS-Addressing behaviour
      • .NET, Axis, Axis2, CXF,...
  • PHASE 2:
    • A - Analyse the results and determine the global threat magnitude
      • Average amplification factor, number of vulnerable open webservices,...
    • B - Determine what adjustments and countermeasures must be taken in order to mitigate the threat
      • In the frameworks, external tool?,...
  • PHASE 3:
    • Bundle all the results and possible countermeasures into a document/article to create awareness