Python Script for SAML2 Authentication Passwordspray

SAML2Spray

Python Script for SAML2 Authentication Passwordspraying against Sibboleth and SAP IDPs.

In a recent pentest I came accross the need to passwordspray a SAML2 authentication. As I couldn’t find a ready to go solution, nor was able to do it with burp, I created my own little script to do the job for me.

TL/DR;

The script needs some tweaking to fit you current situation:

The URL for the service you want to access

The URL for the Identity Provider which the Service Provider will redi…

Python Script for SAML2 Authentication Passwordspray

Raven – Advanced Cyber Threat Map (Simplified, Customizable, Responsive)

Free Micropatches for “RemotePotato0”, a “WON’T FIX” Local Privilege Escalation Affecting all Windows Systems

ParallelNimcalls: Nim version of MDSec’s Parallel Syscall PoC

AlphaGolang – IDApython Scripts For Analyzing Golang Binaries

Editor Picks

Hunting for samAccountName Spoofing (CVE-2021–42278) & Domain Controller Impersonation

Introducing VirusTotal Collections

Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again

Must read

Free Micropatches for “RemotePotato0”, a “WON’T FIX” Local Privilege Escalation Affecting all Windows Systems

ParallelNimcalls: Nim version of MDSec’s Parallel Syscall PoC

AlphaGolang – IDApython Scripts For Analyzing Golang Binaries

Popular categories