About a year ago, the Burp extension SAML Raider [0] was released as a result of a bachelor's thesis [1] in collaboration with Compass Security. This Burp extension automates most of the steps necessary to test a SAML single sign-on process and perform the corresponding attacks. With SAML Raider, an authentication bypass vulnerability in a Service […]
