Sunday, May 22, 2022

Python Script for SAML2 Authentication Passwordspray


Python Script for SAML2 Authentication Passwordspraying against Sibboleth and SAP IDPs.

In a recent pentest I came accross the need to passwordspray a SAML2 authentication. As I couldn’t find a ready to go solution, nor was able to do it with burp, I created my own little script to do the job for me.


The script needs some tweaking to fit you current situation:

The URL for the service you want to access

The URL for the Identity Provider which the Service Provider will redi…

Read More

Latest news
Related news