diff --git a/SAML Injection/README.md b/SAML Injection/README.md index 2ba8dae..2b2b786 100644 --- a/SAML Injection/README.md +++ b/SAML Injection/README.md @@ -16,7 +16,7 @@ ## Tools - [SAML Raider - Burp Extension](https://github.com/SAMLRaider/SAMLRaider) - +- [SAML Support - ZAP Addon](https://www.zaproxy.org/docs/desktop/addons/saml-support/) ## Authentication Bypass @@ -197,4 +197,4 @@ Picture from [http://sso-attacks.org/XSLT_Attack](http://sso-attacks.org/XSLT_At - [Attacking SSO: Common SAML Vulnerabilities and Ways to Find Them - March 7th, 2017 - Jem Jensen](https://blog.netspi.com/attacking-sso-common-saml-vulnerabilities-ways-find/) - [How to Hunt Bugs in SAML; a Methodology - Part I - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-07-how-to-test-saml-a-methodology/) - [How to Hunt Bugs in SAML; a Methodology - Part II - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-13-how-to-test-saml-a-methodology-part-two/) -- [How to Hunt Bugs in SAML; a Methodology - Part III - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/) \ No newline at end of file +- [How to Hunt Bugs in SAML; a Methodology - Part III - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/) diff --git a/Upload Insecure Files/README.md b/Upload Insecure Files/README.md index 0ccaea3..3e89611 100644 --- a/Upload Insecure Files/README.md +++ b/Upload Insecure Files/README.md @@ -20,6 +20,7 @@ ## Tools - [Fuxploider](https://github.com/almandin/fuxploider) - [Burp > Upload Scanner](https://portswigger.net/bappstore/b2244cbb6953442cb3c82fa0a0d908fa) +- [ZAP > FileUpload AddOn](https://www.zaproxy.org/blog/2021-08-20-zap-fileupload-addon/) ## Exploits