{"id":4636,"date":"2017-08-15T08:27:30","date_gmt":"2017-08-15T00:27:30","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=4636"},"modified":"2017-08-15T08:27:47","modified_gmt":"2017-08-15T00:27:47","slug":"saml-raider-saml2-security-testing-burp-extension","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2017\/08\/saml-raider-saml2-security-testing-burp-extension\/","title":{"rendered":"SAML Raider &#8211; SAML2 Security Testing Burp Extension"},"content":{"rendered":"<p>SAML Raider is a <a href=\"https:\/\/www.darknet.org.uk\/2011\/06\/burp-suite-free-edition-v1-4-web-application-security-testing-tool\/\">Burp Suite<\/a> extension for SAML2 security testing, it contains two core functionalities &#8211; Manipulating SAML Messages and managing X.509 certificates.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2017\/08\/SAML-Raider-SAML2-Security-Testing-Burp-Extension-640x423.png\" alt=\"SAML Raider - SAML2 Security Testing Burp Extension\" width=\"640\" height=\"423\" class=\"aligncenter size-medium wp-image-4637\" srcset=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2017\/08\/SAML-Raider-SAML2-Security-Testing-Burp-Extension-640x423.png 640w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2017\/08\/SAML-Raider-SAML2-Security-Testing-Burp-Extension-1024x677.png 1024w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2017\/08\/SAML-Raider-SAML2-Security-Testing-Burp-Extension.png 1102w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>The extension is divided into two parts, a SAML message editor and a certificate management tool.<\/p>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<h3>Features<\/h3>\n<h4>Message Editor<\/h4>\n<p>Features of the SAML Raider message editor:<\/p>\n<ul>\n<li>Sign SAML Messages<\/li>\n<li>Sign SAML Assertions<\/li>\n<li>Remove Signatures<\/li>\n<li>Edit SAML Message (Supported Messages: SAMLRequest and SAMLResponse)<\/li>\n<li>Preview eight common XSW Attacks<\/li>\n<li>Execute eight common XSW Attacks<\/li>\n<li>Send certificate to SAMl Raider Certificate Management<\/li>\n<li>Undo all changes of a SAML Message<\/li>\n<li>Supported Profiles: SAML Webbrowser Single Sign-on Profile, Web Services Security SAML Token Profile<\/li>\n<li>Supported Bindings: POST Binding, Redirect Binding, SOAP Binding, URI Binding<\/li>\n<\/ul>\n<h4>Certificate Management<\/h4>\n<p>Features of the SAML Raider Certificate Management:<\/p>\n<ul>\n<li>Import X.509 certificates (PEM and DER format)<\/li>\n<li>Import X.509 certificate chains<\/li>\n<li>Export X.509 certificates (PEM format)<\/li>\n<li>Delete imported X.509 certificates<\/li>\n<li>Display informations of X.509 certificates<\/li>\n<li>Import private keys (PKCD#8 in DER format and traditional RSA in PEM Format)<\/li>\n<li>Export private keys (traditional RSA Key PEM Format)<\/li>\n<li>Cloning X.509 certificates<\/li>\n<li>Cloning X.509 certificate chains<\/li>\n<li>Create new X.509 certificates<\/li>\n<li>Editing and self-sign existing X.509 certificates<\/li>\n<\/ul>\n<p>You can download SAML Raider here:<\/p>\n<p><a href=\"https:\/\/github.com\/SAMLRaider\/SAMLRaider\/releases\/download\/v1.2.1\/saml-raider-1.2.1.jar\">saml-raider-1.2.1.jar<\/a><\/p>\n<p>Or read more <a href=\"https:\/\/github.com\/SAMLRaider\/SAMLRaider\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SAML Raider is a Burp Suite extension for SAML2 security testing, it contains two core functionalities &#8211; Manipulating SAML Messages and managing X.509 certificates. The extension is divided into two parts, a SAML message editor and a certificate management tool. Features Message Editor Features of the SAML Raider message editor: Sign SAML Messages Sign SAML [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"SAML Raider is a Burp Suite extension for SAML2 security testing, it contains two core functionalities - Manipulating SAML Messages & managing X.509 certs.","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[9,5],"tags":[424],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/4636"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=4636"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/4636\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=4636"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=4636"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=4636"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}