Treceți offline cu aplicația Player FM !
Episode 46: The SAML Ramble
Manage episode 385327364 series 3435922
Episode 46: In this episode of Critical Thinking - Bug Bounty Podcast, Justin is deep diving the topic of SAML (Security Assertion Markup Language), and walks through what it is and why it can be intimidating, before going over some key attack vectors to look for. Then he closes out with a commentary on a sample payload, and some HackerOne reports.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
KazHACKstan
Testing SAML security with DAST
https://agrrrdog.blogspot.com/2023/01/testing-saml-security-with-dast.html
How to break SAML if I have paws?
https://speakerdeck.com/greendog/how-to-break-saml-if-i-have-paws?slide=20
How to Hunt Bugs in SAML; a Methodology
https://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/
SAML Raider
https://portswigger.net/bappstore/c61cfa893bb14db4b01775554f7b802e
External Entity Injection during XML signature verification
https://bugs.chromium.org/p/project-zero/issues/detail?id=2313
mTLS: When certificate authentication is done wrong
https://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/
HackerOne Uber Report
https://hackerone.com/reports/136169
Timestamps:
(00:00:00) Introduction
(00:05:25) Understanding SAML and its complexities
(00:08:30) SAML Attack Vectors
(00:14:15) XML Signature Wrapping
(00:19:50) Some SAML tests to try
(00:30:30) Sample Payload description
(00:34:10) Token Recipient confusion
(00:36:05) HackerOne Reports
94 episoade
Manage episode 385327364 series 3435922
Episode 46: In this episode of Critical Thinking - Bug Bounty Podcast, Justin is deep diving the topic of SAML (Security Assertion Markup Language), and walks through what it is and why it can be intimidating, before going over some key attack vectors to look for. Then he closes out with a commentary on a sample payload, and some HackerOne reports.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
KazHACKstan
Testing SAML security with DAST
https://agrrrdog.blogspot.com/2023/01/testing-saml-security-with-dast.html
How to break SAML if I have paws?
https://speakerdeck.com/greendog/how-to-break-saml-if-i-have-paws?slide=20
How to Hunt Bugs in SAML; a Methodology
https://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/
SAML Raider
https://portswigger.net/bappstore/c61cfa893bb14db4b01775554f7b802e
External Entity Injection during XML signature verification
https://bugs.chromium.org/p/project-zero/issues/detail?id=2313
mTLS: When certificate authentication is done wrong
https://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/
HackerOne Uber Report
https://hackerone.com/reports/136169
Timestamps:
(00:00:00) Introduction
(00:05:25) Understanding SAML and its complexities
(00:08:30) SAML Attack Vectors
(00:14:15) XML Signature Wrapping
(00:19:50) Some SAML tests to try
(00:30:30) Sample Payload description
(00:34:10) Token Recipient confusion
(00:36:05) HackerOne Reports
94 episoade
Alle afleveringen
×Bun venit la Player FM!
Player FM scanează web-ul pentru podcast-uri de înaltă calitate pentru a vă putea bucura acum. Este cea mai bună aplicație pentru podcast și funcționează pe Android, iPhone și pe web. Înscrieți-vă pentru a sincroniza abonamentele pe toate dispozitivele.