I am looking for a tool to test communication between 2 entities via websockets (and JSON).
Looks like Postman is not quite mature in this area and there are quite a few limitations.
I have not been able to find clear information about SoapUI’s support in this area, but to me it looks like we need a plugin for it.
Any information from you regarding support for websockets in Postman and SoapUI would be very much appreciated.
If you know of other tools, I’d be more than happy to get that information too.
Hi! Depends on the kind of tests and the way how and what you want to do/to test but if you want to intersect web socket communication and manipulate messages/handshake you can try Burp Suite
check this link for additional details Testing for WebSocket vulnerabilities with Burp Suite - PortSwigger
Thanks, Konstantin.
I’m actually looking for a tool with which I can setup a websocket connection to a server and send messages back and forth in JSON format. At the moment I don’t need the tool to test vulnerabilities, but rather just the intended functionality.
I don’t suggest it to you as a tool for testing vulnerability because for this testing it’s not enough just to use 1 tool As I wrote, you can intercept web socket communication between your app and server and change request bode with the JSON you want. This tool has a simple interface and feature to repeat requests and send your JSON file messages every time. Because of the tool’s features and its proxy, you can (partly) cover the tests you describe
d. But it’s up to you, you can try to find something else specifically for what you described or you can write your own client, e.g. in Python (there plenty of info how to do this) but it’s time-consuming