Python Script for SAML2 Authentication Passwordspray

SAML2Spray

Python Script for SAML2 Authentication Passwordspraying against Sibboleth and SAP IDPs.

In a recent pentest I came accross the need to passwordspray a SAML2 authentication. As I couldn’t find a ready to go solution, nor was able to do it with burp, I created my own little script to do the job for me.

TL/DR;

The script needs some tweaking to fit you current situation:

The URL for the service you want to access

The URL for the Identity Provider which the Service Provider will redi…

Python Script for SAML2 Authentication Passwordspray

ProxyShell exploitation leads to BlackByte ransomware

Kit_Hunter – A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting

Pysa Ransomware Under the Lens: A Deep-Dive Analysis

Introducing VirusTotal Collections

Editor Picks

Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again

Cobalt Strike: Using Known Private Keys To Decrypt Traffic – Part 2

WinRAR’s vulnerable trialware: when free software isn’t free

Must read

Kit_Hunter – A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting

Pysa Ransomware Under the Lens: A Deep-Dive Analysis

Introducing VirusTotal Collections

Popular categories