GitHub

SAML Raider - SAML2 Burp Extension

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates. This software was originally ...
GitHub

snowfallorg/nixos-appstream-generator

A small program that iterates over a list of nix packages and extracts appstream data. Generate Appstream data for a given package USAGE: nixos-appstream-generator [OPTIONS] OPTIONS: -c, --clean ...
The Hacker News

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure. Cybersecurity company Arctic Wolf said it observed ...
USENIX

On Breaking SAML: Be Whoever You Want to Be

It is a critical component for the development of federated identity deployments and Single Sign-On scenarios. In order to protect integrity and authenticity of the exchanged SAML assertions, the XML ...