StackHawk

SOAP API schemas use XML to define the structure of its operations. The schema is made available through a WSDL file, offering a machine-readable format for how the web service works.

HawkScan will use the contents provided by the WSDL to improve the quality of the scan by:

Pre-seeding the sitemap using the routes defined in the WSDL. This can be used to complement any crawled routes or can be used instead of app spidering altogether.

Using defined inputs to operations in the spec to inform how to communicate with the web application and gather clues on how to better attack endpoints.

- Pre-seeding the sitemap using the routes defined in the WSDL. This can be used to complement any crawled routes or can be used instead of app spidering altogether.
- Using defined inputs to operations in the spec to inform how to communicate with the web application and gather clues on how to better attack endpoints.

app: applicationId: xxxx-XXXX-xxxx-XXXX-xxxxxxxx env: Development host: http://localhost:8000 autoPolicy: true api: /soapAPI/v1?wsdl

Scanning SOAP APIs

StackHawk Documentation

Try StackHawk for Free

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

app: ... soapConf: "soapAPI.wsdl"	app: ... soapConf: /soapAPI/v1?wsdl
Using a spec file	Using a relative URL

SOAP Configuration

Configuration Examples:

Basic Scan