Introduction Last Friday and Saturday (15./16. June 2018), the 6th edition of the security conference Area41 (formerly Hashdays, https://area41.io/) organized by DEFCON Switzerland (https://www.defcon-switzerland.org/, https://twitter.com/defconCH) took place in Zürich. Every Compass security analyst can attend two conferences every year supported by Compass. So most of the analysts decided to go to the Area41 this year […]
As every year, some Compass Security Analysts travelled to Geneva and attended the Insomni’hack conference and it’s enjoyable CTF.
For this task, we had SSH access to the server guess.insomni.hack and the task was to read the flag in the /home/flag directory. We were able to get the flag without even solving the challenge 🙂
About a year ago, the Burp extension SAML Raider [0] was released as a result of a bachelor thesis [1] in collaboration with Compass Security. This Burp extension automates most of the steps, which are necessary to test a SAML single sign-on process and perform according attacks. With SAML Raider, an authentication bypass vulnerability in a Service […]
© 2018 Compass Security Blog