Completed
Introduction
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Identity Theft - Attacks on SSO Systems
Automatically move to the next video in the Classroom when playback concludes
- 1 Introduction
- 2 About Me
- 3 Agenda
- 4 SSO
- 5 SAML
- 6 XML
- 7 Name ID
- 8 Attributes
- 9 Signature
- 10 XML Digital Signature
- 11 XML Canonicalization
- 12 XML Comments
- 13 Saml API
- 14 XML API
- 15 XML Documents as Trees
- 16 Is XML Broken
- 17 What We Know
- 18 The Timeline
- 19 How could this be exploited
- 20 Threat Model
- 21 Truncation Vulnerability
- 22 SAML Assertion
- 23 Update Profile Information
- 24 Remediation
- 25 Exploit Steps
- 26 Programmable Identity
- 27 One More Trick
- 28 HighLevel Steps
- 29 Conclusion
- 30 Shoutouts