Identity Theft - Attacks on SSO Systems

Identity Theft - Attacks on SSO Systems

Black Hat via YouTube Direct link

Introduction

1 of 30

1 of 30

Introduction

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Identity Theft - Attacks on SSO Systems

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Introduction
  2. 2 About Me
  3. 3 Agenda
  4. 4 SSO
  5. 5 SAML
  6. 6 XML
  7. 7 Name ID
  8. 8 Attributes
  9. 9 Signature
  10. 10 XML Digital Signature
  11. 11 XML Canonicalization
  12. 12 XML Comments
  13. 13 Saml API
  14. 14 XML API
  15. 15 XML Documents as Trees
  16. 16 Is XML Broken
  17. 17 What We Know
  18. 18 The Timeline
  19. 19 How could this be exploited
  20. 20 Threat Model
  21. 21 Truncation Vulnerability
  22. 22 SAML Assertion
  23. 23 Update Profile Information
  24. 24 Remediation
  25. 25 Exploit Steps
  26. 26 Programmable Identity
  27. 27 One More Trick
  28. 28 HighLevel Steps
  29. 29 Conclusion
  30. 30 Shoutouts

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.