Merge pull request #495 from hahwul/saml-update

Update tools in SAML Injection
2024-12-19 10:56:10 +00:00 · 2022-05-01 13:00:05 +02:00 · 2022-05-01 13:00:05 +02:00 · 33ea0b54fb
commit 33ea0b54fb
parent 5f499adeb5 b3442dd8b5
2 changed files with 3 additions and 2 deletions
--- a/Injection/README.md
+++ b/Injection/README.md
@ -16,7 +16,7 @@
 ## Tools
 - [SAML Raider - Burp Extension](https://github.com/SAMLRaider/SAMLRaider)
-
+- [SAML Support - ZAP Addon](https://www.zaproxy.org/docs/desktop/addons/saml-support/)
 ## Authentication Bypass
@ -197,4 +197,4 @@ Picture from [http://sso-attacks.org/XSLT_Attack](http://sso-attacks.org/XSLT_At
 - [Attacking SSO: Common SAML Vulnerabilities and Ways to Find Them - March 7th, 2017 - Jem Jensen](https://blog.netspi.com/attacking-sso-common-saml-vulnerabilities-ways-find/)
 - [How to Hunt Bugs in SAML; a Methodology - Part I - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-07-how-to-test-saml-a-methodology/)
 - [How to Hunt Bugs in SAML; a Methodology - Part II - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-13-how-to-test-saml-a-methodology-part-two/)
- [How to Hunt Bugs in SAML; a Methodology - Part III - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/)
+- [How to Hunt Bugs in SAML; a Methodology - Part III - @epi052](https://epi052.gitlab.io/notes-to-self/blog/2019-03-16-how-to-test-saml-a-methodology-part-three/)
--- a/Files/README.md
+++ b/Files/README.md
@ -20,6 +20,7 @@
 ## Tools
 - [Fuxploider](https://github.com/almandin/fuxploider)
 - [Burp > Upload Scanner](https://portswigger.net/bappstore/b2244cbb6953442cb3c82fa0a0d908fa)
 - [ZAP > FileUpload AddOn](https://www.zaproxy.org/blog/2021-08-20-zap-fileupload-addon/)
 ## Exploits