GI LogoGI Logo
  • Login
Digital Library
    • All of DSpace

      • Communities & Collections
      • Titles
      • Authors
      • By Issue Date
      • Subjects
    • This Collection

      • Titles
      • Authors
      • By Issue Date
      • Subjects
Digital Library Gesellschaft für Informatik e.V.
GI-DL
    • English
    • Deutsch
  • English 
    • English
    • Deutsch
View Item 
  •   DSpace Home
  • Lecture Notes in Informatics
  • Proceedings
  • Open Identity Summit
  • P251 - Open Identity Summit 2015
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
  •   DSpace Home
  • Lecture Notes in Informatics
  • Proceedings
  • Open Identity Summit
  • P251 - Open Identity Summit 2015
  • View Item

Automatic recognition, processing and attacking of single sign-on protocols with burp suite

Author:
Mainka, Christian [DBLP] ;
Mladenov, Vladislav [DBLP] ;
Guenther, Tim [DBLP] ;
Schwenk, Jörg [DBLP]
Abstract
SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth - today's web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source Burpsuite plugin that identifies SSO protocols automatically in a browser's HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
  • Citation
  • BibTeX
Mainka, C., Mladenov, V., Guenther, T. & Schwenk, J., (2015). Automatic recognition, processing and attacking of single sign-on protocols with burp suite. In: Hühnlein, D., Roßnagel, H., Kuhlisch, R. & Ziesing, J. (Hrsg.), Open Identity Summit 2015. Bonn: Gesellschaft für Informatik e.V.. (S. 117-131).
@inproceedings{mci/Mainka2015,
author = {Mainka, Christian AND Mladenov, Vladislav AND Guenther, Tim AND Schwenk, Jörg},
title = {Automatic recognition, processing and attacking of single sign-on protocols with burp suite},
booktitle = {Open Identity Summit 2015},
year = {2015},
editor = {Hühnlein, Detlef AND Roßnagel, Heiko AND Kuhlisch, Raik AND Ziesing, Jan} ,
pages = { 117-131 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
DateienGroesseFormatAnzeige
117.pdf167.7Kb PDF View/Open

Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback

More Info

ISBN: 978-3-88579-645-9
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2015
Language: en (en)
Content Type: Text/Conference Paper
Collections
  • P251 - Open Identity Summit 2015 [12]

Show full item record


About uns | FAQ | Help | Imprint | Datenschutz

Gesellschaft für Informatik e.V. (GI), Kontakt: Geschäftsstelle der GI
Diese Digital Library basiert auf DSpace.

 

 


About uns | FAQ | Help | Imprint | Datenschutz

Gesellschaft für Informatik e.V. (GI), Kontakt: Geschäftsstelle der GI
Diese Digital Library basiert auf DSpace.